urlscan.io logo urlscan.io
SecurityTrails logo

www.marchofdimes.org Open in urlscan Pro
2606:4700:10::6816:4245  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadO...
Effective URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_...
Submission: On January 02 via manual from MX — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 108 IPs in 9 countries across 87 domains to perform 491 HTTP transactions. The main IP is 2606:4700:10::6816:4245, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.marchofdimes.org. The Cisco Umbrella rank of the primary domain is 689120.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 15th 2023. Valid for: a year.
This is the only time www.marchofdimes.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.17.71.206 13335 (CLOUDFLAR...)
17 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
18 172.67.72.38 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
5 188.114.97.3 13335 (CLOUDFLAR...)
1 108.157.1.118 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
3 151.101.1.44 54113 (FASTLY)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
12 2620:1ec:c11:... 8068 (MICROSOFT...)
3 6 216.58.206.38 15169 (GOOGLE)
8 2620:116:800d... 16509 (AMAZON-02)
2 23.213.165.149 16625 (AKAMAI-AS)
6 2a03:2880:f08... 32934 (FACEBOOK)
1 104.18.13.242 13335 (CLOUDFLAR...)
2 5 142.250.181.230 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2.19.120.77 20940 (AKAMAI-ASN1)
1 18.66.112.57 16509 (AMAZON-02)
1 37.157.6.234 198622 (ADFORM)
49 104.26.5.251 13335 (CLOUDFLAR...)
7 8 2620:1ec:21::14 8068 (MICROSOFT...)
2 13.107.42.14 8068 (MICROSOFT...)
2 15.197.193.217 16509 (AMAZON-02)
6 64.74.236.127 19024 (INTERNAP-...)
4 2600:9000:224... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.74.194 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 37.252.171.53 29990 (ASN-APPNEX)
4 7 37.252.171.85 29990 (ASN-APPNEX)
3 2a00:1450:400... 15169 (GOOGLE)
3 52.73.161.34 14618 (AMAZON-AES)
2 154.59.122.94 174 (COGENT-174)
2 72.44.44.12 14618 (AMAZON-AES)
2 2a02:2638:3::e 44788 (ASN-CRITE...)
68 151.101.64.176 54113 (FASTLY)
1 2 185.167.164.39 198622 (ADFORM)
4 2a03:2880:f17... 32934 (FACEBOOK)
8 18.193.153.136 16509 (AMAZON-02)
1 2a04:4e42::300 54113 (FASTLY)
1 40.160.4.235 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
6 151.101.1.21 54113 (FASTLY)
6 10 2a02:2638:3::c 44788 (ASN-CRITE...)
57 54.186.23.98 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 6 178.250.1.9 44788 (ASN-CRITE...)
2 74.119.119.150 19750 (AS-CRITEO)
3 192.229.221.25 15133 (EDGECAST)
2 151.101.129.35 54113 (FASTLY)
4 44.240.143.252 16509 (AMAZON-02)
1 11 37.157.5.133 198622 (ADFORM)
1 37.157.4.28 198622 (ADFORM)
3 52.48.216.154 16509 (AMAZON-02)
3 23.213.165.82 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
1 18.195.8.215 16509 (AMAZON-02)
3 164.132.25.185 16276 (OVH)
1 2607:ae80:4::25 26558 (FREEWHEEL)
3 52.58.206.230 16509 (AMAZON-02)
1 4 104.18.36.155 13335 (CLOUDFLAR...)
3 3 77.243.51.122 42697 (NETIC-AS)
3 4 77.243.51.121 42697 (NETIC-AS)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
5 5 142.250.186.66 15169 (GOOGLE)
1 3.121.27.153 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
1 35.244.174.68 396982 (GOOGLE-CL...)
1 34.250.183.118 16509 (AMAZON-02)
2 2.23.197.190 16625 (AKAMAI-AS)
1 35.244.159.8 396982 (GOOGLE-CL...)
1 1 54.194.99.174 16509 (AMAZON-02)
1 52.218.112.163 16509 (AMAZON-02)
3 18.203.91.219 16509 (AMAZON-02)
3 198.47.127.205 62713 (AS-PUBMATIC)
1 65.9.66.113 16509 (AMAZON-02)
2 3 34.243.165.208 16509 (AMAZON-02)
3 5 54.76.135.177 16509 (AMAZON-02)
1 1 63.35.246.168 16509 (AMAZON-02)
2 2 52.28.181.94 16509 (AMAZON-02)
1 216.46.185.182 13649 (ASN-FLEXE...)
3 162.19.138.117 16276 (OVH)
2 2 35.190.24.218 15169 (GOOGLE)
3 23.32.185.35 16625 (AKAMAI-AS)
1 2600:9000:219... 16509 (AMAZON-02)
1 46.19.11.36 51790 (SIEL)
3 13.248.245.213 16509 (AMAZON-02)
2 3.123.235.147 16509 (AMAZON-02)
1 198.137.150.201 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 23.218.208.23 16625 (AKAMAI-AS)
2 69.173.144.139 26667 (RUBICONPR...)
4 141.226.228.48 200478 (TABOOLA-AS)
4 3.71.149.231 16509 (AMAZON-02)
2 2.16.164.8 20940 (AKAMAI-ASN1)
2 37.157.6.254 198622 (ADFORM)
2 52.30.133.211 16509 (AMAZON-02)
2 34.117.157.22 396982 (GOOGLE-CL...)
2 18.159.136.150 16509 (AMAZON-02)
2 107.21.19.202 14618 (AMAZON-AES)
2 3.65.6.17 16509 (AMAZON-02)
2 2600:1f18:612... 14618 (AMAZON-AES)
2 85.215.5.31 6786 (CRONON-BE...)
1 54.229.8.219 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
4 104.19.218.90 13335 (CLOUDFLAR...)
2 104.19.219.90 13335 (CLOUDFLAR...)
491 108
1    104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)
go.marchofdimes.org
17    2606:4700:10::6816:4245 (United States)

ASN13335 (CLOUDFLARENET, US)
www.marchofdimes.org
give.marchofdimes.org
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
10    2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
18    172.67.72.38 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.fundraiseup.com
static.fundraiseup.com
api.fundraiseup.com
5    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
fndrsp.net
fndrsp-checkout.net
1    108.157.1.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-1-118.dus51.r.cloudfront.net
js.adsrvr.org
5    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
2    2a02:26f0:3500:16::215:1490 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
12    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
6    216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f6.1e100.net
8832015.fls.doubleclick.net
8    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    23.213.165.149 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-149.deploy.static.akamaitechnologies.com
amplify.outbrain.com
wave.outbrain.com
6    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    104.18.13.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
5    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
6    2.19.120.77 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-120-77.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    18.66.112.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-57.fra56.r.cloudfront.net
js.ipredictive.com
1    37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
49    104.26.5.251 (None, )

ASN13335 (CLOUDFLARENET, US)
static.fundraiseup.com
api.fundraiseup.com
8    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
6    64.74.236.127 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
tr.outbrain.com
sync.outbrain.com
4    2600:9000:224a:5600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
7    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    52.73.161.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-161-34.compute-1.amazonaws.com
ad.ipredictive.com
2    154.59.122.94 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
e.acuityplatform.com
2    72.44.44.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-72-44-44-12.compute-1.amazonaws.com
px.adentifi.com
2    2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dynamic.criteo.com
68    151.101.64.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
m.stripe.network
b.stripecdn.com
2    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
a2.adform.net
4    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
8    18.193.153.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
tags.srv.stackadapt.com
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    40.160.4.235 (United States)

ASN16276 (OVH, FR)
sentry.fundraiseup.com
2    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.ru
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
6    151.101.1.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
10    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
57    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
r.stripe.com
2    2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ucarecdn.com
6    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
dis.criteo.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
3    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
2    151.101.129.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
4    44.240.143.252 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-143-252.us-west-2.compute.amazonaws.com
m.stripe.com
11    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
1    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
a1.seadform.net
3    52.48.216.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-216-154.eu-west-1.compute.amazonaws.com
ad.360yield.com
3    23.213.165.82 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-82.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    18.195.8.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-8-215.eu-central-1.compute.amazonaws.com
ih.adscale.de
3    164.132.25.185 (France)

ASN16276 (OVH, FR)
PTR: ip185.ip-164-132-25.eu
rtb-csync.smartadserver.com
1    2607:ae80:4::25 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
3    52.58.206.230 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-206-230.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
r.casalemedia.com
3    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
se.semasio.net
2    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
5    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
1    3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    34.250.183.118 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-183-118.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
eu-u.openx.net
1    54.194.99.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-99-174.eu-west-1.compute.amazonaws.com
api.adrtx.net
1    52.218.112.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
3    18.203.91.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
beacon.krxd.net
3    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    65.9.66.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-113.fra56.r.cloudfront.net
pdw-adf.userreport.com
3    34.243.165.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-165-208.eu-west-1.compute.amazonaws.com
a.audrte.com
5    54.76.135.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-135-177.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    63.35.246.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-246-168.eu-west-1.compute.amazonaws.com
aa.agkn.com
2    52.28.181.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-181-94.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    216.46.185.182 (Highlands Ranch, United States)

ASN13649 (ASN-FLEXENTIAL, US)
global.ib-ibi.com
3    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
2    35.190.24.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
3    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
sync.teads.tv
criteo-sync.teads.tv
1    2600:9000:2190:1600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si
match.contentexchange.me
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    3.123.235.147 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-235-147.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
1    198.137.150.201 (United States)

ASN16509 (AMAZON-02, US)
merchant-ui-api.stripe.com
4    2a00:1450:400c:c0c::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
2    23.218.208.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-23.deploy.static.akamaitechnologies.com
contextual.media.net
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
trc-events.taboola.com
4    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2.16.164.8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-164-8.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    52.30.133.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-133-211.eu-west-1.compute.amazonaws.com
visitor.omnitagjs.com
2    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
2    18.159.136.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-136-150.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
2    107.21.19.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-19-202.compute-1.amazonaws.com
jadserve.postrelease.com
2    3.65.6.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-6-17.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    2600:1f18:612b:4200:a2e1:966e:301b:d0c0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
2    85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    54.229.8.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-8-219.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
4    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
12    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
4    104.19.218.90 (None, )

ASN13335 (CLOUDFLARENET, US)
hcaptcha.com
newassets.hcaptcha.com
api.hcaptcha.com
2    104.19.219.90 (None, )

ASN13335 (CLOUDFLARENET, US)
newassets.hcaptcha.com
api.hcaptcha.com
Apex Domain
Subdomains		 Transfer
123 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2656
q.stripe.com — Cisco Umbrella Rank: 13887
r.stripe.com — Cisco Umbrella Rank: 6573
m.stripe.com — Cisco Umbrella Rank: 2365
merchant-ui-api.stripe.com — Cisco Umbrella Rank: 12870
3 MB
68 fundraiseup.com
cdn.fundraiseup.com — Cisco Umbrella Rank: 59411
static.fundraiseup.com — Cisco Umbrella Rank: 54477
api.fundraiseup.com — Cisco Umbrella Rank: 179449
sentry.fundraiseup.com — Cisco Umbrella Rank: 202515
1 MB
21 google.com
adservice.google.com — Cisco Umbrella Rank: 189
www.google.com — Cisco Umbrella Rank: 6
pay.google.com — Cisco Umbrella Rank: 3910
play.google.com — Cisco Umbrella Rank: 95
425 KB
20 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 4009
gum.criteo.com — Cisco Umbrella Rank: 597
mug.criteo.com — Cisco Umbrella Rank: 1867
sslwidget.criteo.com — Cisco Umbrella Rank: 2480
widget.us.criteo.com — Cisco Umbrella Rank: 27168
dis.criteo.com — Cisco Umbrella Rank: 943
67 KB
19 doubleclick.net
8832015.fls.doubleclick.net — Cisco Umbrella Rank: 921481
ad.doubleclick.net — Cisco Umbrella Rank: 199
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
27 KB
18 marchofdimes.org
go.marchofdimes.org — Cisco Umbrella Rank: 581801
www.marchofdimes.org — Cisco Umbrella Rank: 689120
give.marchofdimes.org
390 KB
16 adform.net
s2.adform.net — Cisco Umbrella Rank: 7751
a2.adform.net — Cisco Umbrella Rank: 12667
c1.adform.net — Cisco Umbrella Rank: 1001
dmp.adform.net — Cisco Umbrella Rank: 4001
cm.adform.net — Cisco Umbrella Rank: 1664
41 KB
12 bing.com
bat.bing.com — Cisco Umbrella Rank: 692
54 KB
11 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 793
ib.adnxs.com — Cisco Umbrella Rank: 356
8 KB
10 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
www.linkedin.com — Cisco Umbrella Rank: 944
px4.ads.linkedin.com — Cisco Umbrella Rank: 7294
10 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 625
172 KB
9 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1255
trc.taboola.com — Cisco Umbrella Rank: 960
pips.taboola.com — Cisco Umbrella Rank: 1936
cds.taboola.com — Cisco Umbrella Rank: 2300
sync-t1.taboola.com — Cisco Umbrella Rank: 2152
trc-events.taboola.com — Cisco Umbrella Rank: 2320
25 KB
8 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3050
t.paypal.com — Cisco Umbrella Rank: 3583
89 KB
8 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 4796
17 KB
8 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3674
tr.outbrain.com — Cisco Umbrella Rank: 3336
wave.outbrain.com — Cisco Umbrella Rank: 3465
sync.outbrain.com — Cisco Umbrella Rank: 1287
10 KB
8 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 2137
pixel.quantserve.com — Cisco Umbrella Rank: 1736
39 KB
7 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2396
se.semasio.net — Cisco Umbrella Rank: 19184
4 KB
6 hcaptcha.com
hcaptcha.com — Cisco Umbrella Rank: 6229
newassets.hcaptcha.com — Cisco Umbrella Rank: 7636
api.hcaptcha.com — Cisco Umbrella Rank: 7827
405 KB
6 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 818
152 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
266 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 313
3 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
410 KB
4 gstatic.com
www.gstatic.com
101 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
170 B
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
r.casalemedia.com — Cisco Umbrella Rank: 2571
2 KB
4 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2891
32 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
265 B
4 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1945
7 KB
4 ipredictive.com
js.ipredictive.com — Cisco Umbrella Rank: 29469
ad.ipredictive.com — Cisco Umbrella Rank: 8095
3 KB
3 stripecdn.com
b.stripecdn.com — Cisco Umbrella Rank: 18058
45 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 731
418 B
3 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 2019
criteo-sync.teads.tv — Cisco Umbrella Rank: 3178
489 B
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 658
3 KB
3 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3399
2 KB
3 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 1499
373 B
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 1173
1014 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
436 B
3 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004
489 B
3 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 744
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
692 B
3 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4236
705 B
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 995
595 B
3 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2512
33 KB
3 fndrsp-checkout.net
fndrsp-checkout.net — Cisco Umbrella Rank: 196518
1 KB
3 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 2259
insight.adsrvr.org — Cisco Umbrella Rank: 1095
match.adsrvr.org — Cisco Umbrella Rank: 594
3 KB
2 twiago.com
a.twiago.com — Cisco Umbrella Rank: 28126
306 B
2 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3791
797 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 797
69 B
2 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1607
843 B
2 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1753
2 KB
2 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 9290
359 B
2 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1124
769 B
2 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 1385
638 B
2 media.net
contextual.media.net — Cisco Umbrella Rank: 1093
2 KB
2 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 3028
87 B
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14378
629 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
1 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 1261
647 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2052
928 B
2 ucarecdn.com
ucarecdn.com — Cisco Umbrella Rank: 24308
17 KB
2 google.ru
www.google.ru — Cisco Umbrella Rank: 5960
563 B
2 adentifi.com
px.adentifi.com — Cisco Umbrella Rank: 16453
69 B
2 acuityplatform.com
e.acuityplatform.com — Cisco Umbrella Rank: 33546
374 B
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1877
31 KB
2 fndrsp.net
fndrsp.net — Cisco Umbrella Rank: 55640
754 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3522
38 B
1 contentexchange.me
match.contentexchange.me — Cisco Umbrella Rank: 40489
49 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1035
238 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 3432
72 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 973
493 B
1 userreport.com
pdw-adf.userreport.com — Cisco Umbrella Rank: 39122
433 B
1 amazonaws.com
s3-eu-west-1.amazonaws.com
390 B
1 adrtx.net
api.adrtx.net — Cisco Umbrella Rank: 48841
407 B
1 openx.net
eu-u.openx.net — Cisco Umbrella Rank: 3669
264 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1419
265 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 764
98 B
1 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 3106
93 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1645
344 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
640 B
1 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 5432
38 B
1 seadform.net
a1.seadform.net — Cisco Umbrella Rank: 44866
466 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
5 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 3722
50 KB
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 21734
96 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1429
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
1 KB
0 smartstream.tv Failed
ads.smartstream.tv Failed
491 87
Domain Requested by
63 static.fundraiseup.com cdn.fundraiseup.com
static.fundraiseup.com
www.marchofdimes.org
61 js.stripe.com static.fundraiseup.com
js.stripe.com
34 r.stripe.com js.stripe.com
23 q.stripe.com go.marchofdimes.org
js.stripe.com
16 www.marchofdimes.org go.marchofdimes.org
www.marchofdimes.org
static.cloudflareinsights.com
12 play.google.com www.gstatic.com
12 bat.bing.com www.googletagmanager.com
bat.bing.com
8832015.fls.doubleclick.net
10 cdn.cookielaw.org www.marchofdimes.org
cdn.cookielaw.org
8 c1.adform.net 1 redirects a2.adform.net
c1.adform.net
8 gum.criteo.com 6 redirects dynamic.criteo.com
8 tags.srv.stackadapt.com 8832015.fls.doubleclick.net
tags.srv.stackadapt.com
7 ib.adnxs.com 4 redirects 8832015.fls.doubleclick.net
go.marchofdimes.org
6 www.paypal.com static.fundraiseup.com
www.paypal.com
www.paypalobjects.com
6 px.ads.linkedin.com 5 redirects static.fundraiseup.com
6 analytics.tiktok.com go.marchofdimes.org
analytics.tiktok.com
6 connect.facebook.net go.marchofdimes.org
connect.facebook.net
8832015.fls.doubleclick.net
6 8832015.fls.doubleclick.net 3 redirects www.googletagmanager.com
5 dpm.demdex.net 3 redirects
5 cm.g.doubleclick.net 5 redirects
5 ad.doubleclick.net 2 redirects go.marchofdimes.org
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 www.googletagmanager.com www.marchofdimes.org
www.googletagmanager.com
4 www.gstatic.com pay.google.com
www.gstatic.com
4 ups.analytics.yahoo.com go.marchofdimes.org
4 dis.criteo.com
4 pay.google.com static.fundraiseup.com
pay.google.com
go.marchofdimes.org
www.gstatic.com
4 se.semasio.net 3 redirects c1.adform.net
4 m.stripe.com m.stripe.network
4 m.stripe.network js.stripe.com
m.stripe.network
4 www.facebook.com 8832015.fls.doubleclick.net
4 secure.adnxs.com 2 redirects 8832015.fls.doubleclick.net
c1.adform.net
4 pixel.quantserve.com 8832015.fls.doubleclick.net
4 rules.quantcount.com secure.quantserve.com
4 tr.outbrain.com amplify.outbrain.com
4 secure.quantserve.com www.googletagmanager.com
8832015.fls.doubleclick.net
3 newassets.hcaptcha.com hcaptcha.com
newassets.hcaptcha.com
3 b.stripecdn.com js.stripe.com
b.stripecdn.com
3 eb2.3lift.com c1.adform.net
go.marchofdimes.org
3 id5-sync.com c1.adform.net
go.marchofdimes.org
3 dmp.adform.net c1.adform.net
3 a.audrte.com 2 redirects c1.adform.net
3 simage2.pubmatic.com c1.adform.net
go.marchofdimes.org
3 beacon.krxd.net c1.adform.net
3 uipglob.semasio.net 3 redirects
3 x.bidswitch.net c1.adform.net
go.marchofdimes.org
3 rtb-csync.smartadserver.com c1.adform.net
go.marchofdimes.org
3 ad.yieldlab.net c1.adform.net
go.marchofdimes.org
3 ad.360yield.com c1.adform.net
go.marchofdimes.org
3 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
3 fndrsp-checkout.net cdn.fundraiseup.com
3 ad.ipredictive.com 8832015.fls.doubleclick.net
js.ipredictive.com
3 adservice.google.com 8832015.fls.doubleclick.net
3 api.fundraiseup.com cdn.fundraiseup.com
static.fundraiseup.com
2 api.hcaptcha.com newassets.hcaptcha.com
2 trc-events.taboola.com static.fundraiseup.com
2 a.twiago.com go.marchofdimes.org
2 criteo-partners.tremorhub.com go.marchofdimes.org
2 match.sharethrough.com go.marchofdimes.org
2 sync.outbrain.com go.marchofdimes.org
2 jadserve.postrelease.com go.marchofdimes.org
2 exchange.mediavine.com go.marchofdimes.org
2 matching.ivitrack.com go.marchofdimes.org
2 r.casalemedia.com go.marchofdimes.org
2 visitor.omnitagjs.com go.marchofdimes.org
2 cm.adform.net go.marchofdimes.org
2 hb.yahoo.net go.marchofdimes.org
2 criteo-sync.teads.tv go.marchofdimes.org
2 sync-t1.taboola.com go.marchofdimes.org
2 pixel.rubiconproject.com go.marchofdimes.org
2 contextual.media.net go.marchofdimes.org
2 e1.emxdgt.com c1.adform.net
2 redirect.frontend.weborama.fr 2 redirects
2 pm.w55c.net 2 redirects
2 tags.bluekai.com c1.adform.net
2 dsp.adfarm1.adition.com 2 redirects
2 dsum-sec.casalemedia.com 1 redirects c1.adform.net
2 t.paypal.com www.marchofdimes.org
2 widget.us.criteo.com 8832015.fls.doubleclick.net
2 sslwidget.criteo.com 2 redirects
2 mug.criteo.com 8832015.fls.doubleclick.net
2 ucarecdn.com www.marchofdimes.org
2 www.google.ru
2 www.google.com
2 a2.adform.net 1 redirects
2 dynamic.criteo.com 8832015.fls.doubleclick.net
2 px.adentifi.com 8832015.fls.doubleclick.net
2 e.acuityplatform.com 8832015.fls.doubleclick.net
2 googleads.g.doubleclick.net www.googletagmanager.com
2 px4.ads.linkedin.com 8832015.fls.doubleclick.net
2 www.linkedin.com 2 redirects
2 snap.licdn.com www.googletagmanager.com
8832015.fls.doubleclick.net
2 cdn.taboola.com www.googletagmanager.com
cdn.taboola.com
2 fndrsp.net cdn.fundraiseup.com
1 hcaptcha.com b.stripecdn.com
1 sync-criteo.ads.yieldmo.com
1 merchant-ui-api.stripe.com js.stripe.com
1 match.contentexchange.me c1.adform.net
1 s.ad.smaato.net c1.adform.net
1 sync.teads.tv c1.adform.net
1 global.ib-ibi.com c1.adform.net
1 match.adsrvr.org c1.adform.net
1 aa.agkn.com 1 redirects
1 pdw-adf.userreport.com c1.adform.net
1 s3-eu-west-1.amazonaws.com c1.adform.net
1 api.adrtx.net 1 redirects
1 eu-u.openx.net c1.adform.net
1 sync.crwdcntrl.net c1.adform.net
1 idsync.rlcdn.com c1.adform.net
1 loadm.exelator.com c1.adform.net
1 ps.eyeota.net c1.adform.net
1 ads.stickyadstv.com c1.adform.net
1 ih.adscale.de c1.adform.net
1 token.rubiconproject.com c1.adform.net
1 a1.seadform.net
1 cds.taboola.com static.fundraiseup.com
1 sentry.fundraiseup.com static.fundraiseup.com
1 pips.taboola.com cdn.taboola.com
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 pagead2.googlesyndication.com ad.doubleclick.net
1 wave.outbrain.com amplify.outbrain.com
1 insight.adsrvr.org js.adsrvr.org
1 trc.taboola.com cdn.taboola.com
1 s2.adform.net go.marchofdimes.org
1 js.ipredictive.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 cdn.resonate.com go.marchofdimes.org
1 amplify.outbrain.com www.googletagmanager.com
1 js.adsrvr.org www.googletagmanager.com
1 cdn.fundraiseup.com go.marchofdimes.org
1 give.marchofdimes.org www.marchofdimes.org
1 static.cloudflareinsights.com www.marchofdimes.org
1 fonts.googleapis.com www.marchofdimes.org
1 go.marchofdimes.org
0 ads.smartstream.tv Failed c1.adform.net
491 134
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-15 -
2024-04-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
fundraiseup.com
Cloudflare Inc ECC CA-3		 2023-05-22 -
2024-05-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-11 -
2024-01-09		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.ipredictive.com
Amazon RSA 2048 M02		 2023-03-14 -
2024-04-11		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.acuityplatform.com
Go Daddy Secure Certificate Authority - G2		 2023-04-13 -
2024-05-14		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-09-09 -
2024-10-07		 a year crt.sh
sentry.fundraiseup.com
R3		 2023-12-30 -
2024-03-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com.ru
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-13 -
2024-08-20		 10 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-12-20 -
2024-03-21		 3 months crt.sh
cps3.ucarecdn.com
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-22 -
2024-03-21		 3 months crt.sh
*.seadform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-08		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-17 -
2024-09-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adscale.de
Amazon RSA 2048 M02		 2023-07-18 -
2024-08-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2023-03-08 -
2024-04-07		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.userreport.com
Amazon RSA 2048 M02		 2023-11-20 -
2024-12-17		 a year crt.sh
*.ib-ibi.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-21 -
2024-04-02		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.contentexchange.me
Sectigo RSA Domain Validation Secure Server CA		 2023-05-29 -
2024-06-04		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
hb.yahoo.net
R3		 2023-12-18 -
2024-03-17		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
itm.ivitrack.com
R3		 2023-12-14 -
2024-03-13		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-07 -
2025-01-06		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 30 frames:

Primary Page: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Frame ID: 13DB9DB1B1D2D19F8E2965ED5E8F965E
Requests: 176 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLj-iLTxvoMDFY_MOwIdgcwGMQ;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Frame ID: 10944229508377C82C818ACA7497D746
Requests: 12 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Frame ID: 0414DB171E3C14C7FB29100CEF5AE4BC
Requests: 20 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=2n62y3m&ref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&upid=b8lvzxo&upv=1.1.0
Frame ID: 6DEA74A7C16A7FADFD4A04CF2730D506
Requests: 1 HTTP requests in this frame

Frame: https://static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
Frame ID: FBB8F69CEDC82814A24D28C13BDC2BDB
Requests: 2 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=107549&cache_buster=1704204746&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&val=undefined&tn=undefined&p1=gtm.js
Frame ID: 9DC1FED7F37CE3A473BA565EB1739F14
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/
Frame ID: 9F42778FF7A01778D33CC09D69760BD5
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: BADDAC9E308FD6A0D480520B0D14540A
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: CAB0C3F0B6B5267605E7FD39442DFF47
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Frame ID: C4983C9422FD29E5AE87CF08B8B524D4
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Frame ID: 3D56E91B53ADC6CC46DCA04C39BEF24C
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Frame ID: 052CE3855BDDCB15AEFB65D349700BC5
Requests: 8 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Frame ID: E1786E753E49027DF1EA18E5A2F194C1
Requests: 20 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 2A799282C75C9F558BA09B36255B5125
Requests: 6 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: C468CC2565B20AA4A96B56DB0B5199AC
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Frame ID: C81CDC0B1A3251CD20383440E89EA063
Requests: 32 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Frame ID: 5BADBFB4E19C33B499C4EFC38296E900
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Frame ID: 4A7189029B67775D25B50968176DBD0C
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Frame ID: FC1732C2143E0B442B8917D962A7D9D1
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Frame ID: 9874CFBD8501A69104D5D1127124B1C9
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Frame ID: 6D8F784D332561C01A6CBBA3BBB057CF
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Frame ID: 5C5368DE5103DD9877389F710FC2DCF3
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Frame ID: C4B1EF902468581F35E0FB7156CB8FD4
Requests: 41 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 5EDC8F50B51D2DA04CA11B727BCFEA04
Requests: 3 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-4JlDb2b0DmYa2XYSRfIUSLhcvEyrT9vgz79_Zg&google_gid=CAESENRzCIEbSkpRCwiWis--5ZM&google_cver=1&google_ula=913071,0
Frame ID: E3237E7539536153E4131E9FD47EAB6A
Requests: 30 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-4JlDb2b0DmYa2XYSRfIUSLhcvEyrT9vgz79_Zg&google_gid=CAESENRzCIEbSkpRCwiWis--5ZM&google_cver=1&google_ula=913071,0
Frame ID: AE347A49C16E28E4A55B23B4DA48CF32
Requests: 30 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.marchofdimes.org&mid=
Frame ID: 39A2FE2F51EC84D072535F08972DD796
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Frame ID: D883B4C0439B3A6EDE56B1EACBAEAE56
Requests: 5 HTTP requests in this frame

Frame: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=406f16ce-be40-4540-9340-a143a1ae0b88&origin=https%3A%2F%2Fjs.stripe.com
Frame ID: 5F1E47CE51B42B7EDF7B8E315D88E857
Requests: 5 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=ueq4istrfzc
Frame ID: 7BDD3F2815B052CDC2585675DA6CB438
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Donate Now | March of DimesCloseCloseCloseCloseCloseCloseCloseCloseBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8D... Page URL
  2. https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&u... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

491
Requests

93 %
HTTPS

25 %
IPv6

87
Domains

134
Subdomains

108
IPs

9
Countries

6785 kB
Transfer

22496 kB
Size

99
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM= Page URL
  2. https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E HTTP 302
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CLj-iLTxvoMDFY_MOwIdgcwGMQ;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Request Chain 70
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E HTTP 302
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Request Chain 80
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CMfzhrTxvoMDFbGXgwcdbkwPWA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 81
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CK7yhrTxvoMDFXyc_QcdmUwIiA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 90
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204745929&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204745929&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3446297%26time%3D1704204745929%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204745929&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204745929&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&cookiesTest=true&liSync=true&e_ipv6=AQKo_EVBNPb6YQAAAYzKhL89UfshnCnQaaAMvmbDrV9oZ9_Clfn1nM7W3OGhScmuRnowTBDZix3U8Q
Request Chain 115
  • https://secure.adnxs.com/px?id=1282070&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
Request Chain 116
  • https://ib.adnxs.com/seg?add=22494154 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
Request Chain 126
  • https://a2.adform.net/Serving/TrackPoint/?pm=3179125&ADFdivider=%7C&ord=116332213209&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=116332213209&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Request Chain 144
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204746219&url=https%3A%2F%2Fwww.marchofdimes.org%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2179642%26time%3D1704204746219%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204746219&url=https%3A%2F%2Fwww.marchofdimes.org%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204746219&url=https%3A%2F%2Fwww.marchofdimes.org%2F&liSync=true&e_ipv6=AQLjngETOZqy2gAAAYzKhL-Mj-e-TdT_fWmsrAjJmTZGm5NDo8GFURVYtNdXfHXPagScCJdvNMgbug
Request Chain 177
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E HTTP 302
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Request Chain 225
  • https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=www.marchofdimes.org&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=s964iHxTREpnRXpCSWN6T1I2RnRGSmtMbWlJY1RKKzZpeTE2aHhUYzJNWDA4R3FzTXlGR2RVRG9jMmR0dFI1Qjk1NWJLYzIwelFHWXFRRjF5WG5CS1BJZ1lhS3dnRkRreFJia2VPUDZNQm9ja2ZQLzFhSWs1TTB2bEtBdmlsa2lqb1RqYm5ZcGlxYXdqOXZScUF3eXBaTVRCQjRhSHlOZWx1UUdIMk93TG02OWVtRjBNWU5ZbTdha2dhSnl4Ti95aTIrOU02NmtZR1dobjk5NGViSlI5cTZyZDNZK1FNbTlac3d4MjVvM3gvSFRtMStTWTNQTjAxSWNSR1pDMUdobFhXREZRMVdwMTFxcmdmT1pxeTBqaFg0TEhMSVlLV2Z3VHFuaUdLQjdpZTdVeEo0M01lRTJRblR3YzZacmVnVFl0OUhrK21nb1UzT0FER3padzZwS3FxNG9SZ0E9PXw&cppv=2
Request Chain 258
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=JR22cV8xREZBV1BsV1owZmt5U0xnOXFMMDRYUFVhZUhEMXRXdFNCMUZVVVFGbVIzYnZPUm5ZZk9FWThlZ2syWmE3SGwwRW9NUTlsZzJBQVhWMTRCa2U1Q3NtNUx1bjRsSFJ3WTA0RHR0RXo3N1lRekplQ0JnR1FySGVKbGtWQjl2cXJoRlVNQUFpdFYwWFJkQ1N3WlExSHR4R2RrM0lLY0hzbHZPQXUlMkZiOGxJeEtQSSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=4a3d2d08-23ce-4e12-9b11-b18f4c056fbf&dtycbr=39328 HTTP 302
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=JR22cV8xREZBV1BsV1owZmt5U0xnOXFMMDRYUFVhZUhEMXRXdFNCMUZVVVFGbVIzYnZPUm5ZZk9FWThlZ2syWmE3SGwwRW9NUTlsZzJBQVhWMTRCa2U1Q3NtNUx1bjRsSFJ3WTA0RHR0RXo3N1lRekplQ0JnR1FySGVKbGtWQjl2cXJoRlVNQUFpdFYwWFJkQ1N3WlExSHR4R2RrM0lLY0hzbHZPQXUlMkZiOGxJeEtQSSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=4a3d2d08-23ce-4e12-9b11-b18f4c056fbf&dtycbr=39328
Request Chain 305
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=JR22cV8xREZBV1BsV1owZmt5U0xnOXFMMDRYUFVhZUhEMXRXdFNCMUZVVVFGbVIzYnZPUm5ZZk9FWThlZ2syWmE3SGwwRW9NUTlsZzJBQVhWMTRCa2U1Q3NtNUx1bjRsSFJ3WTA0RHR0RXo3N1lRekplQ0JnR1FySGVKbGtWQjl2cXJoRlVNQUFpdFYwWFJkQ1N3WlExSHR4R2RrM0lLY0hzbHZPQXUlMkZiOGxJeEtQSSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=9f88dd97-fd64-4ffa-9288-dec5d001169a&dtycbr=21519 HTTP 302
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=JR22cV8xREZBV1BsV1owZmt5U0xnOXFMMDRYUFVhZUhEMXRXdFNCMUZVVVFGbVIzYnZPUm5ZZk9FWThlZ2syWmE3SGwwRW9NUTlsZzJBQVhWMTRCa2U1Q3NtNUx1bjRsSFJ3WTA0RHR0RXo3N1lRekplQ0JnR1FySGVKbGtWQjl2cXJoRlVNQUFpdFYwWFJkQ1N3WlExSHR4R2RrM0lLY0hzbHZPQXUlMkZiOGxJeEtQSSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=9f88dd97-fd64-4ffa-9288-dec5d001169a&dtycbr=21519
Request Chain 314
  • https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=2&topUrl=www.marchofdimes.org&bundle=JR22cV8xREZBV1BsV1owZmt5U0xnOXFMMDRYUFVhZUhEMXRXdFNCMUZVVVFGbVIzYnZPUm5ZZk9FWThlZ2syWmE3SGwwRW9NUTlsZzJBQVhWMTRCa2U1Q3NtNUx1bjRsSFJ3WTA0RHR0RXo3N1lRekplQ0JnR1FySGVKbGtWQjl2cXJoRlVNQUFpdFYwWFJkQ1N3WlExSHR4R2RrM0lLY0hzbHZPQXUlMkZiOGxJeEtQSSUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=OMlHWXxYenRGYzYrM1JqWGd3cEFwRnR0Y3VOanY5ekpsYmE0S1I4OUtxRGxkRTV1akVBQWNoVmF0R1U3c0J2bnkvWE10MWIzS3g1WkNjdkJRU1ZjYUxObVBSWXFXT2xPalMzZjk0bEFqOTRyb0Y3L2Q2bGVwNm9YK1BrN3hpZ1RFb3lNKzlXTVVpelBEZnE4WEp5WFBTOXNCZG1qbjFaT3RIQzhkVFV3MURpbHd0b2JLTGl6aDBxZUxEUm9GdW9pc0ZYRllGTlpMZTJJMlpqZnVXK1ZZSnU3YzlXUXZ0ckNqTit0bGJZdGwyMWw1ZzN1WjhMNEZnVGc2aExyOVZXalhmMnNCaWZkL0M1SUNUOGtDejhOQ0Y5SHZwTjVHazg5d0RFcVRqYnZETUxPMDJFakU5dXgrZ3JFNGZtZ1MwUFpNWTE3WlR5eXdrbkJBa2pWbkFDdG9MSDFGbmc9PXw&cppv=2
Request Chain 333
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8888949933311824082&expiration=1705414406 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8888949933311824082&expiration=1705414406&C=1
Request Chain 334
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=8888949933311824082&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=8888949933311824082&sInitiator=external HTTP 302
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=8888949933311824082&gdpr=&sInitiator=external HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/647471?sExtCookieId=7319503654076086417&sInitiator=internal&gdpr= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=7929666645488120199&sInitiator=internal&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=Rjc4NDBDRjlGQTVFRjQ&gdpr= HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESENmskxzAjJcufDEwvkjwoPs&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESENmskxzAjJcufDEwvkjwoPs&sInitiator=internal&google_cver=1&gdpr=
Request Chain 341
  • https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Request Chain 342
  • https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=8888949933311824082 HTTP 302
  • https://tags.adsafety.net/v1/cm?cm_uid=CM12024010214cbb7062ccc4f8a87c7e&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=48a4a8ed354f9705295660e67aa3d1f3 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12024010214cbb7062ccc4f8a87c7e&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
Request Chain 344
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=ODg4ODk0OTkzMzMxMTgyNDA4Mg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEActjPKXoP4C6o5iM9ES68g&google_cver=1&google_ula=1641347,0
Request Chain 346
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=3&id=7929666645488120199&redirect=1 HTTP 302
  • https://secure.adnxs.com/setuid?entity=91&code=8888949933311824082
Request Chain 349
  • https://a.audrte.com/a?adform_uid=8888949933311824082 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmNiOHFwNGU0d3ZUdnk3YU1aSjRWSXBIQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 350
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=8888949933311824082&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=20231972238052069120584754700750723200&noredirect=1
Request Chain 351
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=8888949933311824082 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219573204749002743594
Request Chain 352
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319503654076086417
Request Chain 354
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=TLIn4kzc1RkFvl5
Request Chain 358
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1206311336 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=zj4Z5Z/4W6y/4buodySlYu
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-4JlDb2b0DmYa2XYSRfIUSLhcvEyrT9vgz79_Zg&google_cm&google_hm=ay00SmxEYjJiMERtWWEyWFlTUmZJVVNMaGN2RXlyVDl2Z3o3OV9aZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-4JlDb2b0DmYa2XYSRfIUSLhcvEyrT9vgz79_Zg&google_gid=CAESENRzCIEbSkpRCwiWis--5ZM&google_cver=1&google_ula=913071,0
Request Chain 398
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7929666645488120199
Request Chain 410
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=szNHPx5DTHfS0QAYpnecsgMzq-gHzEfM HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=szNHPx5DTHfS0QAYpnecsgMzq-gHzEfM
Request Chain 423
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-4JlDb2b0DmYa2XYSRfIUSLhcvEyrT9vgz79_Zg&google_cm&google_hm=ay00SmxEYjJiMERtWWEyWFlTUmZJVVNMaGN2RXlyVDl2Z3o3OV9aZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-4JlDb2b0DmYa2XYSRfIUSLhcvEyrT9vgz79_Zg&google_gid=CAESENRzCIEbSkpRCwiWis--5ZM&google_cver=1&google_ula=913071,0
Request Chain 425
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7929666645488120199
Request Chain 437
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=vXMNAHZSFgXyG7xR3Q9erNhigf-vJ-k0 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=vXMNAHZSFgXyG7xR3Q9erNhigf-vJ-k0
Request Chain 458
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=4-BAmzxxBjbCiCqN1wGtYQ3vLi6_ddGA
Request Chain 459
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Hn6kR8b7rBWrtq0CRjRYNV-jORFNdQNL

491 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0F... 		754 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-dCCX1wx7t8U8ZnoPtvgXl0DpbsY5y05zK80o/+TdjlA=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
83f398c20f129279-FRA
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Tue, 02 Jan 2024 14:12:24 GMT
Server
cloudflare
Transfer-Encoding
chunked
cache-control
private, no-cache, no-store, max-age=0
content-security-policy
default-src 'self'; img-src 'self';script-src 'self' 'sha256-dCCX1wx7t8U8ZnoPtvgXl0DpbsY5y05zK80o/+TdjlA=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
referrer-policy
strict-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
c8585d25321e519b
Primary Request donate-now
www.marchofdimes.org/ 		39 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98f3a71675b4faaad62f41054c4a19d90f3a2a4918ad74a0d18f1d8a19e2866
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://go.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
must-revalidate, no-cache, private
cf-cache-status
DYNAMIC
cf-ray
83f398c3ee713625-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 14:12:25 GMT
expires
Sun, 19 Nov 1978 05:00:00 GMT
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-drupal-cache
MISS
x-drupal-dynamic-cache
UNCACHEABLE
x-frame-options
SAMEORIGIN
x-generator
Drupal 9 (https://www.drupal.org)
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
css_i_IAUTuyaYflulzov9QOquZ0DRt2fYtf1VYDyYjfHo8.css
www.marchofdimes.org/sites/default/files/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/css/css_i_IAUTuyaYflulzov9QOquZ0DRt2fYtf1VYDyYjfHo8.css
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3c193a2e64fe803deba1f8c52fbec46e6a2089c546d8b18dc1f9a56ec4ca692
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 23:19:52 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=8629
etag
W/"94f-60d0d56313bb8"
vary
Accept-encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83f398cac8173625-FRA
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eefe1e7d99ab4810bfb479ff54c275efb459b6ae9abfebfd221c4a518ead27d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 14:05:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 14:12:25 GMT
css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
www.marchofdimes.org/sites/default/files/css/ 		172 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26dd3e70c1aa731ac4c5a27ac65c200ceb2756eca0ae5862e8fab8b7d4985dd0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 23:19:52 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=177163
etag
W/"7d61-60d0d563bea18"
vary
Accept-encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83f398cac81b3625-FRA
x-xss-protection
1; mode=block
rocket-loader.min.js
www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
server
cloudflare
etag
W/"6581a422-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
83f398cac8243625-FRA
expires
Thu, 04 Jan 2024 14:12:25 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
83f398caebdb39ca-FRA
sprite.artifact.svg
www.marchofdimes.org/themes/gesso/dist/images/ 		6 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/images/sprite.artifact.svg
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
6641
etag
W/"19d4-60d0d34b0c580"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cache-control
max-age=14400
cf-ray
83f398cac8253625-FRA
x-xss-protection
1; mode=block
js_3zKdJjwbnH4zY-ZXfGrKTGbJMU4AUVlFIlJ8EY1UCvA.js
www.marchofdimes.org/sites/default/files/js/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/js/js_3zKdJjwbnH4zY-ZXfGrKTGbJMU4AUVlFIlJ8EY1UCvA.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f55809ae21d5dcfb8a6e01596d12eb88c0630f7e0aeff4c285b981df7864aed5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 30 Nov 2023 23:17:54 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=24764
etag
W/"19b1-60b66dc85ec70"
vary
Accept-encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
83f398cb893f3625-FRA
x-xss-protection
1; mode=block
reminder.js
give.marchofdimes.org/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.marchofdimes.org/reminder.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
183d1f7f458dfc35496d9eb446598b1b96658ab4dc316b23cea4cd7bfcd4c8ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 02 Oct 2023 16:39:53 GMT
server
cloudflare
age
3527
cf-polished
origSize=6204
etag
W/"e6ce93114ff5d91:0"
vary
Accept-Encoding
x-powered-by
ASP.NET
content-type
application/javascript
cache-control
max-age=14400
permissions-policy
interest-cohort=()
cf-ray
83f398cb996d3625-FRA
js_-DDrB9INXKSpUh7RYEGn3k9Ww_ejwreIkMGDLsxqfB4.js
www.marchofdimes.org/sites/default/files/js/ 		160 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/js/js_-DDrB9INXKSpUh7RYEGn3k9Ww_ejwreIkMGDLsxqfB4.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c09f9bc171c32544001b130b5ed1f7f2e2b8c1ac817823452288bc678afc57e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 23:19:56 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=165577
etag
W/"f117-60d0d567acfa8"
vary
Accept-encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
83f398cb89443625-FRA
x-xss-protection
1; mode=block
google_tag.script.js
www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/ 		348 B
343 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/google_tag.script.js?s6mzfy
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2717d806962fe1e4c9810ca869fb82c8bbd86638ca6787d01ff8c947c20df3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 02 Jan 2024 13:43:11 GMT
server
cloudflare
age
135
etag
W/"15c-60df6adf03f18-gzip"
vary
Accept-Encoding
content-type
text/javascript
content-encoding
br
cache-control
max-age=14400
cf-ray
83f398cb894a3625-FRA
x-xss-protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
5rel+BW+cbOCNkEJ4C4NBQ==
age
29542
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:19:55 GMT
server
cloudflare
etag
0x8DC026A943751A5
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d530a67f-201e-0007-3283-3455e0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f398cbae481c05-FRA
fcdafeaf549fc682810d.svg
www.marchofdimes.org/themes/gesso/dist/images/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.marchofdimes.org/themes/gesso/dist/images/fcdafeaf549fc682810d.svg
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c73ae3eda72c7eef8b13c75031180df1d81626dec2a68a846094d697fec3546
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:07:43 GMT
server
cloudflare
age
6636
etag
W/"1fb9-60d0d2abc8dc0"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cache-control
max-age=14400
cf-ray
83f398cb894c3625-FRA
x-xss-protection
1; mode=block
truncated
/ 		200 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fbdec47eb761902c4f7d14ccd5a3b97bbaca6a18d485482157fff7f97684d3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		743 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5cc76e7f5b027b2566d97e2701af7b605a376c4a0487302d2634bbceb67eb349

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		538 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4471ccb98d7627f19e1fd997e5562b4be936baf86b6597eb63330c6843fc59c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
019696b175f8558a9f629b596b30b4715bf1219fbee3e3588dbacfb1582df84c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		328 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e944de09b6e048d89b1dff57baf718b2ac1dc0d273e55560decb4c82cc828c8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		325 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52142e0671ba7294da28434e2a92636b8848c1fe284fe09543c4e8f7e4716d11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
116448ff3191f74560d6d91c76cebc18ec741564aa62d5c6f8bdf8f611e8a2b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
218b91569ad8f0a5cf1aba89f3957966ecffb7b5852ca25b709bd8f887a00c90

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		521 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7176a2935514018f4c12a99dccc108407f9f4bdd7c1be1a097cbec7a90fb7542

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		518 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aa2fdddfcb25552a1713673a954bc864de1a7b22dc0ebe664fe8ddb6bcb21ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		392 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
420a436e0e9e1c48a2f9ce50b59fdb2b805d0274cc20fa569fd1726c4dbf90e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		389 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b73c2239b5b0ae6e051cb135734dc2101aeaf9032dd6b2c29ce9679330fc0bd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		583 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b81f50d6d819dd6d6aaf0cb6402329f0479c734ad2f0918eb9f8366b66f78c83

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		580 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a79623b8606d1583bada494ecdaac61b10440ba7a0da23185892f9d86f172dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		535 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24049fb41335d87d82a9faea10cf9aa2a0ef868037667b029d2953a940cdf67b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		532 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b410913850321efd333e39ddf1a5d49a433b29721126ec6d785f8f039e98bc32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
329746577f94a4f1785e.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		123 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/329746577f94a4f1785e.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e758310065d56c81731fadefacd48f77fe962456070bcd42b4fab78e044a69d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
2416
etag
W/"1eb4c-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
content-encoding
br
cache-control
max-age=14400
cf-ray
83f398cb99603625-FRA
x-xss-protection
1; mode=block
7ef1e78abcb43e957eec.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		130 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/7ef1e78abcb43e957eec.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d663da5e7f6fe773fda5fe642d04a71cd988f1132b343edb5be914d44a1f534
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
2416
etag
W/"206b0-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
content-encoding
br
cache-control
max-age=14400
cf-ray
83f398cb99673625-FRA
x-xss-protection
1; mode=block
09a9e3080c1a5236f325.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		131 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/09a9e3080c1a5236f325.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1802297dea21b3e6a860ccb64dac092312598f1743b8b6b9dd6c30adb4bfe45
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
2416
etag
W/"20b6c-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
content-encoding
br
cache-control
max-age=14400
cf-ray
83f398cb996a3625-FRA
x-xss-protection
1; mode=block
f58d53eb72d7239d4ca8.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		129 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/f58d53eb72d7239d4ca8.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd6d32400095fb406e63e748a6a8451eb6cdefc0f57d5f3217de10fdc57b416
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
2416
etag
W/"20448-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
content-encoding
br
cache-control
max-age=14400
cf-ray
83f398cb996b3625-FRA
x-xss-protection
1; mode=block
e78d3d4f87bc060c0a1a.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		131 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/e78d3d4f87bc060c0a1a.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c911d121bdba9548b91e8a057bfae7edbebe988a7423821fc7d4c090c64b92
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
2416
etag
W/"20a90-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
content-encoding
br
cache-control
max-age=14400
cf-ray
83f398cb996c3625-FRA
x-xss-protection
1; mode=block
ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c.json
cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31c9ef99aae6896ff764e44f3cc121359d2a42dc49389a16a8b236f6e8aacfca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
9695
content-md5
g/KZi3qFt3L2oPImJ/jgJw==
content-length
1475
x-ms-lease-status
unlocked
last-modified
Tue, 10 Oct 2023 13:15:27 GMT
server
cloudflare
etag
0x8DBC992F85E777F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
78ebd77a-e01e-006a-24c0-21e1ab000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f398cc09b703e4-FRA
expires
Wed, 03 Jan 2024 14:12:25 GMT
AJPYNTWD
cdn.fundraiseup.com/widget/ 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fundraiseup.com/widget/AJPYNTWD
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b97ed17e8a18001ccf3cc6303ebfc6e1a6f34a266887509fc1808e3255b4625
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"609412709"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCnyCBjbr43Z4rhlgnm9hsUcNR420jobxLxjxE0yCpl%2B2kO%2BbaKsE3kZzs%2Bi%2Fpd3NTyGg%2Fgq5c3KCkd1wuFcyRl78t3KTbvQKJb%2BG9VtPQhx1%2BVxqTgEacEBji48muAyNx8c%2Bfs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
83f398cc2cf73624-FRA
link
<https://static.fundraiseup.com/8404ac38d731.elementsApi.js>; rel=preload; as=script, <https://static.fundraiseup.com/embed-data/elements-global/AJPYNTWD.js>; rel=preload; as=script, <https://static.fundraiseup.com/3.5405c7d5a80b.async-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/2.f1965a53d878.elements-langs-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/0.a67f871726a0.elements-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-vendors.90571ef5681f68c03c51.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-styles.5314794eb173af8226ff.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js>; rel=preload; as=script, <https://static.fundraiseup.com/sentry.46ead00774987992ad1f.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-modal-fiat-flow-factory.412db339158e6d1dd863.js>; rel=preload; as=script
alt-svc
h3=":443"; ma=86400
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202309.1.0/ 		424 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wp4bduWb8cLN8oREjFODhQ==
age
26590
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
104423
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:28 GMT
server
cloudflare
etag
0x8DBD0539A07337D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
55c003e6-c01e-001f-4190-138a87000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f398cc3f201c05-FRA
gtm.js
www.googletagmanager.com/ 		362 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/google_tag.script.js?s6mzfy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
03997c1e2212aeb6e2ad8dc8b2343ed6179226fddaa3ec6069d2cb59b37a8ca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109221
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:12:25 GMT
sprite.artifact.svg
www.marchofdimes.org/themes/gesso/dist/images/ 		6 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/images/sprite.artifact.svg
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/js/js_-DDrB9INXKSpUh7RYEGn3k9Ww_ejwreIkMGDLsxqfB4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
6641
etag
W/"19d4-60d0d34b0c580"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cache-control
max-age=14400
cf-ray
83f398cc6afc3625-FRA
x-xss-protection
1; mode=block
8404ac38d731.elementsApi.js
static.fundraiseup.com/ 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3de7a0f6d4d192cc931ffc60dcd9c41cf823614d8fe3264c7553611853a2dc52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VA2343Y8WPBGF7CB
age
18571
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
EHOnUB/iM0UahvlNTlBSZZuL3vZt0LGolikSdVD/Ub0YjaEGjKPl56DoN/ejnxIS46HZIceOJac=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"a1890ed56981ecf46c638b122d04247d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjB4axpFgKQo%2BaWjorHwVKJda6N0qE5cUmIAB0cpn3wf8bquYTuEYiX4nfKhqmsU2BH%2FWXziqmLz8CS4F4x2NhocErrGcAU%2F5hujRT4esumaLgBXvfBkOmper2PmkR4GVqATkRIepJE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cc8d8e3624-FRA
AJPYNTWD.js
static.fundraiseup.com/embed-data/elements-global/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements-global/AJPYNTWD.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c50703a9859028e070c5ba54517ac39c873fcfc5015907f5dac21c78648ccbdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TMSSVFEX522G9788
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
nZa+BhBW5xUNaMPS3tBSfXkVWUJbz5FholAk6Q7ftBvnLzktiIOFEX8cu1JZDPS1qVXp+oVt768=
last-modified
Tue, 02 Jan 2024 14:10:16 GMT
server
cloudflare
etag
W/"63cb5dadcb23c4e25551f1e7511c5365"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGuKD8ghWu5tAr6eMImrNDzl0Rp1MTZsZDQr8pa4Q5L%2Bf2X2WRwff6VKvroCEc6mmuCTr4dGHxIQdGjTbuqHYcYM8J4%2BAeqknDbkOoF6SrCSMoT8jlzx0RP%2BCOpRRpxxxzbt4Oz5Plg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f398cc8d8f3624-FRA
3.5405c7d5a80b.async-vendors.js
static.fundraiseup.com/ 		102 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3.5405c7d5a80b.async-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fda46ad6de82ed65908428f090ab3cb24da2b2ab22e3f19e2713e94eecdc907
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9BZ837EP9QHVB2C7
age
622954
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
SMAI9AQGVNCtFfBu0veoe+BCxP2kQTaPp/gfMJAtyCcX3q2wTUrTJcSbmhTprnEcT2IhBqCiLr4=
last-modified
Tue, 26 Dec 2023 08:53:44 GMT
server
cloudflare
etag
W/"b78f8a914b2aac0785a820267d8712d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjJAHclUo0AKbaR7cATTejFGrICdv3jfqJfUYCDlTP2LXAQJ1Qo3ecTTv79DtfEiUx2tP0BenArgto68vycTdzcM%2B5hdXbWKV%2BFv6DVLUUbtsOPO92JHrZxI56HeglIkdzdvY3luEgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cc8d8c3624-FRA
2.f1965a53d878.elements-langs-vendors.js
static.fundraiseup.com/ 		295 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/2.f1965a53d878.elements-langs-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c963fd1212d60ca1c683bccb3c3ace830cdedc1dccf7256c112a9708f9e7cf88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V0EJZW0XMZ9X8A
age
361965
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
UIQ1dlw0+6bcy3dETPWY5ykd0xB2XT43XD8bVWY46z6ohl4vhIeNwAPPntHiP156+IRu1qfrPco=
last-modified
Fri, 29 Dec 2023 09:23:28 GMT
server
cloudflare
etag
W/"86230c72ced6be65504232d51156f84a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3JnNYAfc3QUOmq%2BOH3qJoiVRus9sOibRX5m2CuS8rGaFF4vGjYa3aqQWlcbhyAFWTv8XQdq3Vvmx8leafaq4SgTX7T0umiSHg0Nz7t2ZDviFVjiPjqPL2JqLq542inWVrC33vvonPU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cc8d8a3624-FRA
0.a67f871726a0.elements-vendors.js
static.fundraiseup.com/ 		62 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/0.a67f871726a0.elements-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642d50bf95258a7181203326b05c08982dc5298ff21982594594a2ece141bed8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32VEDW96MM7Q7GYM
age
361965
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
s0iqRR1SB2K7rHjPwEMQdtZknG1DuG0HG3L7tLRCx/kZ1WrVuUj8XE2JubYD3DPa1Uu3j/YhAEg=
last-modified
Fri, 29 Dec 2023 09:23:27 GMT
server
cloudflare
etag
W/"dc6cd5ef97018916a1e5cc76f51b6029"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CsmsYuWSTA3YlecMtcYwmuXJ40WU1WfBODxMPezHz4suAci9skC%2FwPj85FfsQywPE3d7Y7hawwbnIN2ijwAiATgcPO6R1%2F%2Bhu8wRZqLqlXkiuhqd2gdWn4jjODHlitm%2FaTrItY1BLc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cc8d873624-FRA
checkout.677091bbeb21f0afc5db.js
static.fundraiseup.com/ 		311 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b59918ab6733c57a8a7a9d6a1968d29e79df70c67909ddf241e029d0c15230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VA23S49AJXJ280CG
age
18571
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
XpjwJN+7GWpCQJur1wSOIRn7CtPAhGzAgKKrMZwBBY+MJTgmtajqQNaLFmDaPCyAlmyRhUUrNjU=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"52c4020f627c9a2863287f67e826bf65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABKUidiZB7Sloci%2BEbsciePbvpcII6WCzxd%2BFs%2FmFjZHu6TbRCIlta3Ew6HrZ%2FreDESfsPbBPtbXDf8dmuDNoramdD4NtnMauM7mEJH0GDHbnLxzPMTEHRYsCnoIJZ%2BrZ7iOxiy9fAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cc8d893624-FRA
checkout-vendors.90571ef5681f68c03c51.js
static.fundraiseup.com/ 		325 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-vendors.90571ef5681f68c03c51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0ee34fcf7db9c8bc2412f47c264d8de575c2d477198cabc635ba538ddcd77f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CQYYB1WB1XF6X4CC
age
970803
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pMOUC2kkzbzntFTzFntk176AwgIGXNLJsC4wJyUxNRGSgjypMm/TGoSDQ8Q7VcfdC0tBPgFdTUQ=
last-modified
Fri, 22 Dec 2023 08:14:34 GMT
server
cloudflare
etag
W/"aed625f3509871737d1044d3a87ee8b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMrZTXK9YpHBsZa%2Fm%2BO5wQoQzBqme9UyIMr3XH6CN%2F3vEoXjlqwC39Yzj2huMp43pBCkKHe6w7OqD37d%2By7QKkph6fiVopU%2FpRD3DavNrIMHt6w2xkbDguEY67pMPLIgrskqmOsKSGk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cc9d9c3624-FRA
checkout-styles.5314794eb173af8226ff.js
static.fundraiseup.com/ 		118 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-styles.5314794eb173af8226ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a900b2a6524b9f6a640eddeda6e045bea4aff194c9203ea660e6db5743b69b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VA2115S2FHS2FJ8E
age
18571
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
jmiAF5s7SHbBbJjC3AxF7BidRCyl3wgkKMOC7Y0SE387oAPkA3+hX4YjKLR19E8L0FSE4bWCoUk=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"7d4d7c4dcf370f6ba0a1600c8277782b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3qwCX5mtuWpN%2FtGjsu7uyrQJOBFE4%2FVftGCOTFA8OxAh4WIxfbQ9nelMhRRpl1ZD9lcVSoGSm3qBxiWrmnEq7lBsX5HN9%2BxF8vPx1EoFqKXRqLpDdMmx8WngfumGZg9KC0cSIPhlIo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cc8d843624-FRA
checkout-sentry-vendor.bbaab79af6ac4ae5c523.js
static.fundraiseup.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ffa27a716a55780501f5d6711c054bdb1772174f1076dc0e49dee9b00648e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
09XBDAA3SM2T2818
age
1767352
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
fpFrPbrSH4tZWSCdlVCAMexaq5cw62piaYMjldd1N2rsk2ZomnP5fdne57ONJw6sYgngSyTaICc=
last-modified
Mon, 30 Oct 2023 13:54:53 GMT
server
cloudflare
etag
W/"e8cb215ba1bf6e188dcd93c7faa7d814"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcDYV9EzwaAOlV7JrXWfLBQo75c6BM7HxOCQV15GYTJy1Y%2FlKr7xc59Aa66e%2B4%2FqHd%2BiSoA4oySp02eTw0WXg8%2Fgzy1UQ7vjv23p22mPq4sb4FsPig6TB29VQuxgl2CU8rXSDj7aTGk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cc8d913624-FRA
sentry.46ead00774987992ad1f.js
static.fundraiseup.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/sentry.46ead00774987992ad1f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f300f66c1304e23bfc15a23908129f0b10ff24c89f5a2727bc52735acda82d57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CQYG7TEAVBKC73TH
age
970803
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pVPLpC4JYH/X4NVh1NlR4Ynj1dLH9PNpzsAZe5ReZLApdi2F6+xSNQJAZ//8zCP5Cb8+ukQxQqk=
last-modified
Fri, 22 Dec 2023 08:14:35 GMT
server
cloudflare
etag
W/"d325c5401c790cdad1125c429c0a3570"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxuEXWkgbGR%2Fe2STlM4ZQl9r9fjz7vxTBfUEs0RdpRtemWpJ3XxRU1MCTADtWX8zx9M8U6oWHfxNedeu49dNpUqXrFWHp7xMXMWPBNtOhDs4ppHFhem70ncO%2BurqmxRnmLSJ2gP%2FwmY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cc8d933624-FRA
checkout-modal-fiat-flow-factory.412db339158e6d1dd863.js
static.fundraiseup.com/ 		193 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-modal-fiat-flow-factory.412db339158e6d1dd863.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae885067159b6a4c7f153446d01bd1e0405d0acd180089840397091758a42695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V1X26CDRGMN7D5
age
361965
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pIjuPcnPos85lH39JBlLZiwb9Pu/r8snzBifqqVVbYOK54TDXyBFp7ludYj2h8CcyvS6+yqbYDs=
last-modified
Fri, 29 Dec 2023 09:23:32 GMT
server
cloudflare
etag
W/"a841186be43e9817bb06608166c38a47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erEwb4GqJNy7j%2BnQXRm8aOdHx2LVUuBD2MvKmiieH0IxaOY3t1150RrOwMRMIwktuez4PbGOFm9mZY%2B0H67Z3WyT3WBax%2FhChExljyd9uNO9pBzuk5XBRjuj8x2gfamCKmzCuAWbjSs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cc8d923624-FRA
rum
www.marchofdimes.org/cdn-cgi/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.marchofdimes.org
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
83f398cc7b023625-FRA
tb
fndrsp.net/ 		2 B
493 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGuH5chV1QgG1X%2B4eDgrC%2BtyW%2Fu26ulyN1WntG8meaBcc567bz0bKc0PMKj%2F%2BlbejCZo9uFqR%2F30uWsD9idu6w%2BAa66vjHZ1QcrNg6hc63dLhUppfknrtoTSi%2Fw2"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f398cd0e875b7a-FRA
alt-svc
h3=":443"; ma=86400
resolve
api.fundraiseup.com/checkout/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.fundraiseup.com/checkout/resolve?key=AJPYNTWD&livemode=true&livemode=true
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4dc9f56ced90cd16e3f880a98f0c4a68a924def1574472a0e41865a59db6148
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

fun_c_status
HIT
date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
fun_cp_status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
fun_c_ms
12
alt-svc
h3=":443"; ma=86400
fun_cp_ms
112
fun_t_status
MISS
server
cloudflare
fun_t_ms
151
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeMe6uEsoaRHOHrmCeXfseTRuq2mn5QXu7zVxvnypwXHvSiCMtp%2BB%2FaVhabOiZXZijtwGSCtDGJkJ4oimurpvrex1oe5YYuJsz0xHJkJ7Ea3FR%2F3EQ0aGK3BbHJuQLFDRa3tPiI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f398cccdde3624-FRA
XTDESWHR.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XTDESWHR.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
517aa5c6549c92ef5244d8e9df5d662310d50ca9419b12b9157e67ff640be3b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TMSJGVQ4DD96XP9G
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
QJBzEBO5NZHo24zaUM+DrqzdISA1KIvKF6gBF1f4uxX7yaHxzAxLdcdpBS/sATZwGgXt1fgHA04=
last-modified
Tue, 02 Jan 2024 14:10:14 GMT
server
cloudflare
etag
W/"88a40ec077d8e3a73aff5ba0a8ae0127"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R93AMGuMJ%2Fl3P2ZwP0lUdqc43XQo48H9rK7QIqywETXSRARsZHd9vE3KCIPn5kqdGNfHnBVeXZXZy1cE0B%2B1yTrjPT0wU6F%2Fie0CoDfYWemr%2B4bQC84XJqyauhKHS4SIQd9ByHbIBCo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f398ccbdd03624-FRA
XKPELUWA.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XKPELUWA.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bff4e5a01e8dd93a69abd5a5531d53cd891f65134c552718134e0adeda2be295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TMSQ0XNR5G3PMZQQ
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wMy6XrMl3YsFXIjy3o9XtpQnZ2OCBJu5Ri+3n3KFuXO+/D0JgIYOi31j3obx2MIPirtkSDxOqGU=
last-modified
Tue, 02 Jan 2024 14:10:19 GMT
server
cloudflare
etag
W/"d9ccba06a738c5e01e9a85a29f1da6f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8SxDhQQQpoOiiuPDFZOH9S71684NuuCpmFjTY%2FgvovRbHylceZi1a4bI6jWM2nUo1nia8qgzszHIuHSa8ZxchmO8tSHqtqh%2BHZ3Ae3cWUX9k6U46NgoVawMwJSIqji4xIsHB3ra6rk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f398ccbdd33624-FRA
XXTZBBEE.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XXTZBBEE.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6109a9264c6bb75eaf69d45fd3fc6f193794adac940245584a014c10d334dda5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
22Z5V03NZ476ZS3G
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
hPKkouFPTpy8iTeQf0AyhnZvEfyiIHHccFrLCNwolKp9SdK9VUJK8xr/ltNxy3ACkOVitCI4lMQ=
last-modified
Tue, 02 Jan 2024 14:10:23 GMT
server
cloudflare
etag
W/"e6e67bdaa2cd00905d537372a5883457"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtIG%2F8CkSmznwMBWfxQ8%2FDsdxzEpPrA75MXsgzAq3uEz%2F3w1IMx1%2FsgEfiCm2dKYfo%2BYy%2BND22dtNb00oaABTJ0%2Bg0zuY5kWsglnFS2ClER3X8JtX9lEJh5zVycZ78ReXi8%2FXk%2BfOvg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f398ccbdd43624-FRA
XPKFWDNY.js
static.fundraiseup.com/embed-data/elements/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XPKFWDNY.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb218a2b6a039eaf89cbd37cd1555bc0f0398efdffde33a410990feda30a3c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CG3E81HYMN82VGAA
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
QZPlOFJaViOYCs2lvYR9Citf8iPfkhYPR7LDPkGRz22R7Q7lp3o034xTdj09me9hQrv5pZyxXXE=
last-modified
Tue, 02 Jan 2024 14:09:11 GMT
server
cloudflare
etag
W/"b6f45d082613bd164faa1972ab35be8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lMTDAz3pfb2LBirCxd49Ei35D90xxntqTfpRSPcl%2BaSQksrvNB9SJpCoAukOXDNdBSdsWDDnAMVFNK6m470Z%2FcmFXxIlINd205VZLc4HE0dHHtbesnpaH%2BhiahHAaaHWstpFiq%2BjNA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f398ccbdd53624-FRA
XJLGKPSJ.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XJLGKPSJ.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac93c14f7863cc7b7df8e279a534c4940cae9a66ae48192761c6b7c5986eee2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PCTHJRRZ2ZKM4ZPN
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8QJDrI1v242LeLVWKrbJiCFLXVnbaL1mmZFJ/A+XsyGVla88U0kNRPAPHZTKCQa6T0C4BSSei7E=
last-modified
Tue, 02 Jan 2024 14:10:16 GMT
server
cloudflare
etag
W/"d0e28a7707e3fe1515e6d50b834b1cdd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmkD7Xw5VTOZDN6Hi4Igq5CNfGgM6Aqsai9hECAsWA3fJJNiwLMSG07H4liYwfpSiORmuVRnL9QpOh1U%2BynVWTAzOtw00agXbJWPoAu%2F8RFoT4jrVWBVeXNF3ylmPgpplN02WBASoM4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f398ccbdd83624-FRA
en.json
cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/03dae8d3-1490-4973-98ef-e49e49eac3e6/ 		91 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/03dae8d3-1490-4973-98ef-e49e49eac3e6/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db2fe02b994fdded9fe3acc3f595150e738f4a0c34d9a41e76a6627be26b5352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
9694
content-md5
pmspCWhZwPW8+QqTyR8o7Q==
content-length
18521
x-ms-lease-status
unlocked
last-modified
Tue, 10 Oct 2023 13:14:55 GMT
server
cloudflare
etag
0x8DBC992E56CEEA8
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
196f8fa7-701e-0078-5644-149a7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f398ccba8b03e4-FRA
expires
Wed, 03 Jan 2024 14:12:25 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ku3O1VFWoltPW4n5m1lGVQ==
age
889
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:22 GMT
server
cloudflare
etag
0x8DBD053964DC527
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6e914481-501e-007f-5f93-0cf618000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f398cd3b6f03e4-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xznrm5/jaKmHSjGeIIkHOA==
age
6614
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12708
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:24 GMT
server
cloudflare
etag
0x8DBD05397A0A023
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
3b583b4f-e01e-0055-63e6-1d2908000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f398cd3b7103e4-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
889
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
9428b29f-101e-001c-7a80-226be3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83f398cd3b7303e4-FRA
js
www.googletagmanager.com/gtag/ 		244 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5c25d6c7c32ace82a47c825606f5effd4d40903a20b6f5dbfa174952cf7c0b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86169
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:12:25 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-1-118.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 05:33:55 GMT
Content-Encoding
gzip
Via
1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 Dec 2023 01:34:49 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-P2
Age
31113
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
k6klugwcnZ2TxuiMrQDT9QlphSeeesggAU0aZ7FHWHVplrCNC_rIYg==
js
www.googletagmanager.com/gtag/ 		180 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8832015
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ad0e088bb0c6a3f8acc32a2f155b995dbb261c11da392a3245e42df358cc8b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67491
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:12:25 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 13:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1448
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 02 Jan 2024 15:48:17 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1335104/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ceee682f306a64e8cf1b48d513f71a81dc852709cf2b36b3d9b3719fac0b0fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
CPjc27vK9QkggOQSCDqJ5FsgXBZJ9dxj
content-encoding
gzip
via
1.1 varnish
date
Tue, 02 Jan 2024 14:12:25 GMT
x-amz-request-id
MCBHMDAX4XV4X5K9
age
172
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
19973
x-amz-id-2
Gdh6a7kMxGRYIpWOuCzSFvhR4E3KDxWynrs2sa3oG9bRYceZhiCErA/obJzxc93k7Zusr8xziLA=
x-served-by
cache-fra-etou8220032-FRA
last-modified
Sun, 31 Dec 2023 11:30:35 GMT
server
AmazonS3
x-timer
S1704204746.853317,VS0,VE1
etag
"4c28249a704a2eee05e8cffeb2135111"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
39
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
insight.min.js
snap.licdn.com/li.lms-analytics/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=75740
accept-ranges
bytes
content-length
15541
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:12:24 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 56857C9A6B954E2C91C271D7F0F36B4C Ref B: FRAEDGE1916 Ref C: 2024-01-02T14:12:25Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
activityi;dc_pre=CLj-iLTxvoMDFY_MOwIdgcwGMQ;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap...
8832015.fls.doubleclick.net/ Frame 1094
Redirect Chain
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;u...
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CLj-iLTxvoMDFY_MOwIdgcwGMQ;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dm...
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/activityi;dc_pre=CLj-iLTxvoMDFY_MOwIdgcwGMQ;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f6.1e100.net
Software
cafe /
Resource Hash
0c44eee2a7a61e0ee06f0278ff7d01069ca06138096b8d7b13edb84532ca3fb7
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1233
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:12:26 GMT
expires
Tue, 02 Jan 2024 14:12:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:12:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8832015.fls.doubleclick.net/activityi;dc_pre=CLj-iLTxvoMDFY_MOwIdgcwGMQ;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;u...
8832015.fls.doubleclick.net/ Frame 0414
Redirect Chain
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=...
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f6.1e100.net
Software
cafe /
Resource Hash
0c96ee297df66fbdf05831e5f6ab322447131a2a01a8e953f79254bec58e7dd4
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1752
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:12:26 GMT
expires
Tue, 02 Jan 2024 14:12:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:12:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8832015.fls.doubleclick.net/activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:12:25 GMT
obtp.js
amplify.outbrain.com/cp/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:12:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2023 13:05:28 GMT
Server
AkamaiNetStorage
ETag
"928c0d1860f13b981036d5c18f950ac2:1703078882.762337"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7779
Expires
Tue, 02 Jan 2024 14:32:25 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:12:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
yXT6fjyrZKad6R1Y38gj9YMcVeZqDRmxgVwew2oYU6VWp3ljd80yOOj75x9lxXxnVKlVqfusPxTwCyx3s7YUew==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/101125894/ 		0
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/101125894/analytics.min.js
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
83f398ce2f5a37f8-FRA
vary
Accept-Encoding
B21591273.227039140;sz=1x2;ord=37949332820
ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=37949332820?
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
d319171b6b6a8302b775fac4701505feebff71b61372b08420bb3a57427b04f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14772
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
optimize.js
www.googleoptimize.com/ 		128 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-W2ZD7L3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8166e6a7d3fe9fdc26b2f8a0bff105a647c884e550c57225b9cc660d0be6b278
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50505
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:12:25 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHD93M3C77U7KUN3M5L0&lib=ttq
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.120.77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-120-77.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f749df1a4db9a53002a1c7f3a6f564ce0a14bf1c60e70c17fdf20fbb5fdd9e02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id
407d3867
date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240102141225673488AE51350B3B98F2-3303E2BB0B30311E-00
x-cache
TCP_MISS from a2-19-119-77.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=100
content-length
1939
pragma
no-cache
server
nginx
x-tt-logid
20240102141225673488AE51350B3B98F2
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
100,2.19.119.77
x-tt-trace-host
01eadde68ca92b531abb75c2e751716c3b19d195300cab2c17de0e7a3ecc1495d3599c70998a778aaa5e5d4e7f3dc8bd0bde27adfe36cd6d9ad58de8b8fff9d931dd10915246984664e36fbe75c85b74215798516510a600984044f4df3df9429d
expires
Tue, 02 Jan 2024 14:12:26 GMT
adelphic_universal_pixel.js
js.ipredictive.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ipredictive.com/adelphic_universal_pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-57.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
last-modified
Fri, 30 Sep 2022 15:42:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
59
etag
"83b469155694c51d4c5581028a6788bc"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2108
x-amz-cf-id
poyr6MYWhtk0STjbIEnPz_rU1GH5Z8a2EVLMiVUPF6LqrE7dR1lmpQ==
trackpoint-async.js
s2.adform.net/banners/scripts/st/ 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
gzip
last-modified
Tue, 23 May 2023 09:56:34 GMT
server
nginx
x-amz-request-id
tx000001bb82daec29e1fab-00646c8ee1-3295a825-default
etag
W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
B21581475.237971066;dc_pre=CMfzhrTxvoMDFbGXgwcdbkwPWA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CMfzhrTxvoMDFbGXgwcdbkwPWA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;ta...
43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CMfzhrTxvoMDFbGXgwcdbkwPWA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:25 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CMfzhrTxvoMDFbGXgwcdbkwPWA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B21581475.265419780;dc_pre=CK7yhrTxvoMDFXyc_QcdmUwIiA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CK7yhrTxvoMDFXyc_QcdmUwIiA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;ta...
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CK7yhrTxvoMDFXyc_QcdmUwIiA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:25 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CK7yhrTxvoMDFXyc_QcdmUwIiA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1.5872cb4a8c7e.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js
static.fundraiseup.com/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/1.5872cb4a8c7e.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9719b638317091bed0ab518c0ef99c5dbf1a3083d8b481673d376c47b3da124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0AAF602NEP314STH
age
2179715
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
GAZAeaRCADQ/DIW6gK/+G4gRxi1A1IXrSs0pb1x8wcBf067A6ugNWnRKymJK2KC69xznj1m8JUE=
last-modified
Fri, 08 Dec 2023 08:26:00 GMT
server
cloudflare
etag
W/"f57799c72cbd1c6941978c660aaa9f6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEkiIwFKNKAMrH0%2BZuXrbB6uZihZAGqorVAs2Y%2FQXwLw5nIbeSqJdKRBYNPpAQ%2FfVEiTYHF%2BeHC%2BLks7IS0QrIbfJgiOsoAlWbncBk%2FkOoK9zUduElwavh1AdlnfdIIPP%2BjLxSCuwr4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cdda7b1e5c-FRA
389.813e7f9b9882.text-link-v2.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/389.813e7f9b9882.text-link-v2.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ed0a4e695771f9903b95ac84166dbb8b89a5f6ead020bdba7fccce3d082e2f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V80D42BV5C29VN
age
361952
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
2xDHP48ufjvN6vA7Q/Wley56ZX9C7uhe3zRp5csA1noGm+RbHqzDCj4GafmzkbfAj0xVpWq5xpQ=
last-modified
Fri, 29 Dec 2023 09:23:30 GMT
server
cloudflare
etag
W/"ccadfbcf047d907051c579f0f7f797dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZonR5UWUVoATmX1cp5zqK78fI2NQlLmfOC7S6NgdKAiPyeXVRb6YD5e2u9kmWVTzNDW5Fn4bbXgpDveg69swkMKEL%2FoZ2WDJjsr42pq8WvSpK%2FtkSTYusBvv1Y%2BUxlBh1a%2Fsyyovuk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cdda7d1e5c-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
72016
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:20:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a9d61206-701e-0078-3ca2-349a7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83f398cdec4303e4-FRA
MOD_Logo_Donation.png
cdn.cookielaw.org/logos/619fa1da-f983-4882-ba6d-40627ba6ce87/a03b80d6-3bea-4390-97a7-fc8fcf47da90/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/619fa1da-f983-4882-ba6d-40627ba6ce87/a03b80d6-3bea-4390-97a7-fc8fcf47da90/MOD_Logo_Donation.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b57a6d97fc4340e01339086713fe15bc8c6bace25a8fa8b8682558c953c444a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OUtpBJgltqUBYxR5JoTCtQ==
age
36103
content-length
20107
x-ms-lease-status
unlocked
last-modified
Mon, 03 Feb 2020 15:42:50 GMT
server
cloudflare
etag
0x8D7A8BFB9C0ADEB
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
6e9418ab-501e-007f-6a94-0cf618000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f398cdf9911c05-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
27420
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:20:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a220a8b7-a01e-006b-498a-34be77000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83f398cdf9921c05-FRA
307.3df928c14096.donation-form-v2-styles.js
static.fundraiseup.com/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/307.3df928c14096.donation-form-v2-styles.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81cde3f01b38120a310a1511896c42f68a46f83b6a5ea874ca447de65563cdc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
37V0BWKB9M170ZXR
age
361951
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
l/1NG7muFM9LXe3CPaQhaK519oQUfwrzgGko0Ei+xySHCe8BKlCfPuCEki9Qd4AA5owaJ+haW4A=
last-modified
Fri, 29 Dec 2023 09:23:29 GMT
server
cloudflare
etag
W/"7b20bde1eae8635ea029b426c8f07f8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoL%2BlN4BPEchDA9TixYnDmglg89AgsjzV%2BmDJNQKfkocDZUouAkmgxN8UNmtjq5rh4x41VRx8RC9zSwnYps5fng7jeRk4aULai383MiO2PDwMGuBpp4dt%2BK9BU5mq6XiHpvPKcYiNl4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cdfac21e5c-FRA
305.1b1d79659d99.donation-form-v2.js
static.fundraiseup.com/ 		84 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/305.1b1d79659d99.donation-form-v2.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98b2231b86974817ee296cd79e82374ecaae68b096638100e4bdd0b0386a2997
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
C0VYWYMFKB2ZZGHM
age
361950
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oTXdp9V1gPQSmu+g2iwllUHSGXc8gmfvvmZa7O3GUEa5VMaodtOU6HgjEZHNgHi8QhyNXowtGBk=
last-modified
Fri, 29 Dec 2023 09:23:29 GMT
server
cloudflare
etag
W/"6e5927e25767d3d52a94d444fade75b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1m2X1nThtX80f0lTUiN%2BeBdMu%2BkFa6zQQQHPQg7cagpTaQHN2QiYe22WHgeoza9R5i%2BqHBG4mkdxZGV%2BB0m3kZAuA7ud0tbfZpfWma2Co69tB%2FdyUkF7abMUsRPQ0Pi95zkm9%2Frm6c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cdfac31e5c-FRA
json
trc.taboola.com/1335104/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1335104/trc/3/json?tim=1704204745926&data=%7B%22id%22%3A512%2C%22ii%22%3A%22%2Fdonate-now%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1704204745914%2C%22cv%22%3A%2220231231-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%22%2C%22e%22%3A%22http%3A%2F%2Fgo.marchofdimes.org%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtruenorth-marchofdimes-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22cbp%22%3A%22OneTrust%22%2C%22cbpv%22%3A%221%22%2C%22cbcd%22%3A%22%2CC0003%2CC0001%2CC0002%2CC0004%2C%22%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1704204745925%2C%22ref%22%3A%22http%3A%2F%2Fgo.marchofdimes.org%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E%22%2C%22tos%22%3A9%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2f41ffb95941975651275eb091c39bd5401f76ac58f85b5b44af419d625308f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
27
date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.27525
x-fastly-to-nlb-rtt
7989
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220032-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1704204746.931012,VS0,VE27
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204745929&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204745929&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3446297%26time%3D1704204745929%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204745929&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204745929&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_mediu...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204745929&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&cookiesTest=true&liSync=true&e_ipv6=AQKo_EVBNPb6YQAAAYzKhL89UfshnCnQaaAMvmbDrV9oZ9_Clfn1nM7W3OGhScmuRnowTBDZix3U8Q
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E2821D76E3D544169960AD4F37A6DB36 Ref B: BRU30EDGE0822 Ref C: 2024-01-02T14:12:26Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9xaP1QIt0mc6XlC8jA==

Redirect headers

date
Tue, 02 Jan 2024 14:12:26 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F1852A4AC6CA48D785472ADBAA332020 Ref B: FRAEDGE1405 Ref C: 2024-01-02T14:12:26Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204745929&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&cookiesTest=true&liSync=true&e_ipv6=AQKo_EVBNPb6YQAAAYzKhL89UfshnCnQaaAMvmbDrV9oZ9_Clfn1nM7W3OGhScmuRnowTBDZix3U8Q
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9xaKvnqUfc9CdpU0Dg==
collect
www.google-analytics.com/g/ 		0
166 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je3bt0v894839724z8894218235&_p=1704204745664&gcd=11l1l1l1l1&dma=0&cid=1837972625.1704204746&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704204745&sct=1&seg=0&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&dt=Donate%20Now%20%7C%20March%20of%20Dimes&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1734
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		207 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-794610601&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
94a7328f1947124f4304736cdcb0f157b21e78b6fe2fd2f4b4f856d29dd17c06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75692
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:12:25 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1071894384&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ef8157e67410dfc9624b8a438e6982bb8aa002e13cd3da6a42bea94422a6c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80865
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:12:25 GMT
up
insight.adsrvr.org/track/ Frame 6DEA 		0
60 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=2n62y3m&ref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&upid=b8lvzxo&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Tue, 02 Jan 2024 14:12:26 GMT
server
Kestrel
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1632436551&t=pageview&_s=1&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&ul=en-us&de=UTF-8&dt=Donate%20Now%20%7C%20March%20of%20Dimes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=553789887&gjid=744428808&cid=1837972625.1704204746&tid=UA-219864-60&_gid=327169869.1704204746&_r=1&_slc=1&gtm=45He3bt0n81WNJ3K3Pv894218235&gcd=11l1l1l1l1&dma=0&z=2083509282
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
25017097.js
bat.bing.com/p/action/ 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25017097.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:12:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CB2F73C8925B43F09EB59DD896942669 Ref B: FRAEDGE1916 Ref C: 2024-01-02T14:12:25Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25017097&tm=gtm002&Ver=2&mid=3c799be3-66a3-4a0d-805d-636b64eb56d8&sid=f498ee50a97811ee9471532f08a019e7&vid=f4990800a97811eeb82de154e63fadb7&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20Now%20%7C%20March%20of%20Dimes&p=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&r=http%3A%2F%2Fgo.marchofdimes.org%2F&lt=1372&evt=pageLoad&sv=1&rn=734327
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:12:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F607CDBC398F4763930DCF27F3071C2F Ref B: FRAEDGE1916 Ref C: 2024-01-02T14:12:25Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
unifiedPixel
tr.outbrain.com/ 		53 B
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=02567916524892737&referrer=http%3A%2F%2Fgo.marchofdimes.org%2F&cht=ot&marketerId=00cffee659fe578dc2dfc7fa0fb839455e&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.127 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:12:26 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
6f924bc2c2ce173a2d2159f68f0a5c06
Content-Length
54
Content-Type
image/gif;
unifiedPixel
tr.outbrain.com/ 		53 B
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=09627484140057818&referrer=http%3A%2F%2Fgo.marchofdimes.org%2F&marketerId=00cffee659fe578dc2dfc7fa0fb839455e&name=Add%20to%20cart&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.127 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:12:26 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
287396a418fb5dd74d715d7499b91e68
Content-Length
54
Content-Type
image/gif;
cachedClickId
tr.outbrain.com/ 		35 B
220 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00cffee659fe578dc2dfc7fa0fb839455e,00cffee659fe578dc2dfc7fa0fb839455e
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.127 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
br
X-TraceId
e376016dd9add7948d9869856be67be4
Content-Length
39
Content-Type
application/javascript
00cffee659fe578dc2dfc7fa0fb839455e
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00cffee659fe578dc2dfc7fa0fb839455e
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:12:26 GMT
Content-Encoding
gzip
ob-sent-time
1704158459218
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-RG
EU
Cache-Control
max-age=60
X-CC
DE
Connection
keep-alive
X-TraceId
57b83294c6ee72d141c3c6b514b67f82
Content-Length
22
Expires
Tue, 02 Jan 2024 14:13:26 GMT
rules-p-4LjrHyeV3QUW4.js
rules.quantcount.com/ 		160 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-4LjrHyeV3QUW4.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:5600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2aa9b0ccf31fe34e187c3b09bec7e9d8fccdeb48a5b2223d9f80df2a8790a6af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:02:30 GMT
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
596
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:45:31 GMT
server
AmazonS3
etag
"52b67ed0d6de08757c0affd0509ae576"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Txyu_nPTJvOxolVf4VfHOiAHrIyP1LEmMIa2em1tjASx0QFOOZ38_Q==
1621384747882069
connect.facebook.net/signals/config/ 		135 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1621384747882069?v=2.9.138&r=stable&domain=www.marchofdimes.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4bc9b49ae6ec81de78cb07234ba748e5f186b819079eca3e7e82db4690641275
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:12:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36114
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
poejkQKNJDz8uY1CocR00MHljKx1d6oDx78CXMJQ/9A6IISA5W1vVqhHWd6TsXXFdS3zhL63LxdV6hqiqO7hZA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ Frame FBB8 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
AR2AXRS8DTR59APK
age
2344948
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
53064
x-amz-id-2
dHgD6bq88io6Eo+rNLsYn5iQoAP+Mr6OUPe/k08nfTwOz6Ago7Wv23k0kDBVuggy1SUcs7rZguA=
last-modified
Wed, 06 Dec 2023 09:28:26 GMT
server
cloudflare
etag
"c9e466876957e9d2128f63b225a81ae3"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRggXdKNDxfkVI6XgVEWl2%2F0j2%2FeAOREwY6nP%2B8os52WAid1YZtHlZ%2BqWPR411GrZgB0ksAouzAwUdWI46jvlqApIvSN5xF5b7fILHYMDhfBr6tX01v2OGGuP0kYDgLv8%2BY3t08SnEc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f398cefe973611-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ Frame FBB8 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
84KHK3DVRCQNMP28
age
2348251
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56996
x-amz-id-2
5M6rlAJmAHa7aXcdxLThzK8qxRv7t6eIIFLQAAAFkD245N77bXA5uj5pZnhgdpbZpJ80oG7ss/U=
last-modified
Wed, 06 Dec 2023 09:28:25 GMT
server
cloudflare
etag
"643ad5d92cd7c31076790077c3003abc"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCrELfun1D%2B50FFGfZvKB3PXOzlZDPfBz6i%2B%2FHEmKIfifcWbUEiIfzrNqu2%2BixahVYx88M4pRh5I7CiYkpZShsqJKsJCu3fcLRRsk1T1hmaXj6fy6uErs5UrPH0OsABYKi9LgVqyUe0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f398cefe923611-FRA
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Tue, 02 Jan 2024 14:12:26 GMT
x-amz-request-id
9T8G4R1J257WC6ZV
age
114
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by
cache-fra-etou8220032-FRA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1704204746.073370,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
8
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
1144
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=37949332820?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
59298
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 21:44:08 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuH1dh5OIoVCro8d1bgtGiIBlt7YrzzOXGGwtCtc2eKRT69sFz_ACCpK5rbH0n-IaNGj9IJsrZT8qV0j0w0hRVSHgFcJE0Y89FqYsfgc-HWdBVI16lZiBQVBAmTY33zE_QrdVB-H-ga-ZY6HFmdQGBbCFBtdg&sai=AMfl-YRNjhV02rl16aeJqX9rs86zPZ06i5za1vCmXuh90VJ3Epo57-6p31NoHXoIJrEMjt9mPFRusN2zF6usNXY&sig=Cg0ArKJSzCBleeDyrfAREAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20231207.88353&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=37949332820?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/794610601/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/794610601/?random=1704204746094&cv=11&fst=1704204746094&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v869204397&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&auid=544842920.1704204746&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-794610601&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
893e6c401a64d29be92bdb793decbf1b21a067cd8a8102aa3679c34b010f17e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1544
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4537.6416dff170ad2bc44ace.js
static.fundraiseup.com/ 		255 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
225cd565a241fd2329d7fbdc32be0c9d94ac4692b5f9b507454604980a418c70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
S21078K2M5CGP2V1
age
1829653
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
v1kEekxeIzjHkCx5RmMfQ6uoxu6GZnANGlUiQXWxLWjfeG1ESexmcpLa0nvFm32+NN2KZBj8do8=
last-modified
Tue, 12 Dec 2023 09:38:59 GMT
server
cloudflare
etag
W/"6631e21e1b1afb4c947a250e1103a883"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sy3wEgngyeH4WgYaZvKrB3C36Jh9%2BNv%2BmZ1KuSRByRNfC7T0GZQaIb1DspQ2Chn8gKn3q8iTCfwpW0fOqVcq5wXbliemtJHFvakLfQgGn0sYZGv0QyYQF%2BDTJSagoABnZzKuwFCuf6g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cf2c711e5c-FRA
checkout-locale5.7e0a358918592a77200a.js
static.fundraiseup.com/ 		58 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-locale5.7e0a358918592a77200a.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0759fd6bed5370e4bc3c573dedceaeef9d7b64efc7343a10d0b147ac0b04ad53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4TA0TZRRDX7XY7BT
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Aww5YaBX2qZzkFks32BHI5cOZFwomFDCfd/pHn2jngEynBn4rIBlx31WYJ2KlJGm01HK/aZmj/M=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"56b3b76377ff34bb2c3f1fee29151d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8c%2Fc93J1QMz18iv1sJfP9Dd%2Fvn55v0FUC35H2olLAhla%2F6Ly4w8u3vGKFbMww3NQDnbDnD%2FktPdqCN%2FgM2VfKzZFwyDjw%2FJs5ejSMDlS3oIFiykwPEhYm%2F407SXozD4t1EzqjycaJ58%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cf4ca41e5c-FRA
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071894384/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071894384/?random=1704204746135&cv=11&fst=1704204746135&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v883981125&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&auid=544842920.1704204746&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1071894384&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05b738465c25ebf51524e027d957e52b2b0e10e92952501a908f485c5030297e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1546
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.MWNkZmM2YTcxMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		420 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHD93M3C77U7KUN3M5L0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.120.77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-120-77.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8eeb23a1dcd42802d5d861556c6ae4848a05fd28cd22bb8ed884015b62eefd9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id
407d3b54
date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202312211226047CDAB5B38F850767761B
x-tt-trace-id
00-2312211226047CDAB5B38F850767761B-04384F7194F42BC1-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-19-119-77.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
010e46bf146c9c8ac9765c9c1518f31c2c09938b0830409196486b6f3fdda0757b0735663e6f54a3c3237d6f191fe3864f048ffa7e9b317b5b87c66fee5f5424e5589cef99570870d5e55f34deda8f0b4ef8678c29b9851cc6ba553c2d70fe5586
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5
content-length
113162
pixel;r=582230728;source=gtm;rf=0;a=p-4LjrHyeV3QUW4;url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dma...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=582230728;source=gtm;rf=0;a=p-4LjrHyeV3QUW4;url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E;ref=http%3A%2F%2Fgo.marchofdimes.org%2F;uht=2;fpan=1;fpa=P0-134860008-1704204746001;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=marchofdimes.org;dst=1;et=1704204746149;tzo=-60;ogl=type.Page%2Ctitle.Donate%20Now%2Cdescription.March%20of%20Dimes%20donations%20go%20towards%20lifesaving%20research%20and%20advocating%20policies%20%2Cimage.https%3A%2F%2Fwww%252Emarchofdimes%252Eorg%2Fsites%2Fdefault%2Ffiles%2F2022-11%2FJAJEES_v2%252Ejpg;ses=34fea447-3f92-48fc-ae70-e00a1b6cbef0;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
bounce
secure.adnxs.com/ Frame 1094
Redirect Chain
  • https://secure.adnxs.com/px?id=1282070&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLj-iLTxvoMDFY_MOwIdgcwGMQ;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
an-x-request-uuid
3d0f6cba-6466-42a0-a2f1-0f9dc054e18c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.58.58.247; 37.58.58.247; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
an-x-request-uuid
6d2c7a34-e69c-4cbc-b92d-8a22953de22e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
37.58.58.247; 37.58.58.247; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 1094
Redirect Chain
  • https://ib.adnxs.com/seg?add=22494154
  • https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLj-iLTxvoMDFY_MOwIdgcwGMQ;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
an-x-request-uuid
1830d81f-f1e8-4d1e-9376-a7376602fe96
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.58.58.247; 37.58.58.247; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
an-x-request-uuid
e8c6814b-41f1-4e43-9c42-5bb6a6f1e067
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
x-proxy-origin
37.58.58.247; 37.58.58.247; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dc_pre=CLj-iLTxvoMDFY_MOwIdgcwGMQ;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=h...
adservice.google.com/ddm/fls/z/ Frame 1094 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLj-iLTxvoMDFY_MOwIdgcwGMQ;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLj-iLTxvoMDFY_MOwIdgcwGMQ;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
ad.ipredictive.com/d/track/ Frame 0414 		0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/track/event?upid=107549&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&val=&tn=3468807134180&cache_buster=[timestamp]&ps=2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.161.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-161-34.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:12:26 GMT
Connection
keep-alive
X-CI-RTID
085ae351-cfa1-4086-b23f-4563a07e78da
Content-Length
0
p
e.acuityplatform.com/ Frame 0414 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.acuityplatform.com/p?pk=9020304230610356278&pg=26254
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.59.122.94 Schiphol, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
Pixels
px.adentifi.com/ Frame 0414 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adentifi.com/Pixels?a_id=3405;uq=438069222;
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.44.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-72-44-44-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
ld.js
dynamic.criteo.com/js/ld/ Frame 0414 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=81237
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
abca992fa4e621e1b432acbd7111a6c3561a508229e1ae32873531feb1d24a17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref...
adservice.google.com/ddm/fls/z/ Frame 0414 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
ad.ipredictive.com/d/track/ Frame 9DC1 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ipredictive.com/d/track/event?upid=107549&cache_buster=1704204746&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&val=undefined&tn=undefined&p1=gtm.js
Requested by
Host: js.ipredictive.com
URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.161.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-161-34.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Tue, 02 Jan 2024 14:12:26 GMT
X-CI-RTID
01cadcc8-8197-4f18-abf1-a8efadad5191
/
js.stripe.com/v3/ Frame 9F42 		579 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
40
x-cache
HIT
content-length
164503
x-request-id
a0c58b39-834e-4358-b7dd-4c6f106420cc
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:47:18 GMT
server
Fastly
etag
"4ec63ff996d5aa25b29f0a90d2021ae0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
21
/
js.stripe.com/v3/ 		579 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
40
x-cache
HIT
content-length
164503
x-request-id
90eee6d7-5608-4f9f-bf71-e45c9ccbec52
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:47:18 GMT
server
Fastly
etag
"4ec63ff996d5aa25b29f0a90d2021ae0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
22
/
a2.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://a2.adform.net/Serving/TrackPoint/?pm=3179125&ADFdivider=%7C&ord=116332213209&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00...
  • https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=116332213209&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312...
850 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=116332213209&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
23aa875faf380e6fc17fe623d2a768951cfe504772d40b55ca4dfb7f1e133b84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
689
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=116332213209&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1621384747882069&ev=PageView&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&rl=http%3A%2F%2Fgo.marchofdimes.org%2F&if=false&ts=1704204746190&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1704204746189.161007692&ler=other&it=1704204746019&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 14:12:26 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame 1094 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLj-iLTxvoMDFY_MOwIdgcwGMQ;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=75739
accept-ranges
bytes
content-length
15541
bat.js
bat.bing.com/ Frame 1094 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLj-iLTxvoMDFY_MOwIdgcwGMQ;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:12:25 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D2DFB374027A4C8281A8E319C4805B1D Ref B: FRAEDGE1916 Ref C: 2024-01-02T14:12:26Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
quant.js
secure.quantserve.com/ Frame 1094 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLj-iLTxvoMDFY_MOwIdgcwGMQ;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:12:26 GMT
events.js
tags.srv.stackadapt.com/ Frame 0414 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
69023f3a1a61e70282d1cc35ee1926b4cca01d0e49e45f2b19d7b5c48f09a84e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:12:26 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
bat.js
bat.bing.com/ Frame 0414 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:12:25 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4D12232847444F68A6DB5C9D25244C47 Ref B: FRAEDGE1916 Ref C: 2024-01-02T14:12:26Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
quant.js
secure.quantserve.com/ Frame 0414 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:12:26 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 0414 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:12:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
8DA78j3pHQjJhbx82v1+4V1JSsYPnjPnRO1x3JMBmuOirJ+CulHhHc3+PFD619L+UvKfjPPop+5JvzeI6rl76g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
pips.taboola.com/ 		64 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
711a23aa01c797384574ae1a5d558ce2aab4c91feea32385905352bbb073722f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220057-FRA
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
unifiedPixel
tr.outbrain.com/ 		53 B
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=08338496515085505&referrer=http%3A%2F%2Fgo.marchofdimes.org%2F&marketerId=00cffee659fe578dc2dfc7fa0fb839455e&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.127 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:12:26 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
3efe608ccea4b617fd86ca1b6104e54f
Content-Length
54
Content-Type
image/gif;
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1621384747882069&ev=PageView&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&rl=http%3A%2F%2Fgo.marchofdimes.org%2F&if=false&ts=1704204746203&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1704204746189.161007692&ler=other&it=1704204746019&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 14:12:26 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
4149.32a922016f7e5178a83a.js
static.fundraiseup.com/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4149.32a922016f7e5178a83a.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
564997debc20f446a4f38720248e1dbaaaa15ee5e40de23c946a0af7aadc6b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0FDJBF6JNXW377EZ
age
1056710
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
M9Y6yyid14CbuqdL2luIREyU5SlLsWZUR+UTojcF4OicdaM81KGbG1gAipQEwVrRrd1sgnW8E1V7zM/ywIn5bw==
last-modified
Thu, 21 Dec 2023 08:15:26 GMT
server
cloudflare
etag
W/"445f9c6560ac0fc0117d54656e7319fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHlrSb3ylh8UUQgC%2FqqZjV3RURyR2rK9UufM7p%2F5sCUhUWwzvgvfFwK4tm1Bfk9I03YpHZEw%2BHjuE9Ppg7WwMSbxEUaaGyk3IR3NC%2FDMd176GdEJpA%2FgyphlUPsindXRJ5j0JKqlWws%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cfcd581e5c-FRA
109.85cdd6cd186cb7f30f03.js
static.fundraiseup.com/ 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/109.85cdd6cd186cb7f30f03.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f9e60e6bf41a5af731690552807e6e4ca7be8994fd8804b9cf15592d3ef5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
N4WETSTFADH4NHY3
age
970750
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
iBNClBHeoILhh1uDQpwGtjamsJKoOL6kwX6+tO5FDX90uGPuGi+tS1QOKlmd+oZI69/OJpytVGM=
last-modified
Fri, 22 Dec 2023 08:14:13 GMT
server
cloudflare
etag
W/"85e49c2822c4eaabf5554ff2a96c10c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDHUH7iaUL%2Fvcq5olDtSNcc7DpCiRVNmYpFpRvjvrspkMjutoVqFpJSCTcTZ8PrgQkjmy7ZRc7vFSeF%2F5VxlichekYbRrSrXaaerCf9ohSOq6IJpChyxNM0go3O6JZENMm8VfwrYQbE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cfcd5c1e5c-FRA
4022.1aa6f4635e0102fe80c7.js
static.fundraiseup.com/ 		170 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4022.1aa6f4635e0102fe80c7.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1f92dcc7494187b5787cabe4834de25f4502ff2aa4228956b919785118df04d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4BHADA1K588885P1
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
zJjc2vT5WCLRWtxjScvbJU4W/rlkiUryc+d39SXUDBCVNOiTJh7mWBjDmcxdEb4zIM+5Zb2b06U=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"3ff165845b9f2369bd1e145b654836f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdK0%2FmO6ecri4S0yHR1WLrfR00vupnsTt2MsHwjgdimzH4QeQB7Es6yLv5xwiuiqkulW7sZxCrS2Yd0M4%2B9nwyJRQ9VJp9J5m8luRRAHP1g5KVZPCCM5cqfszLMIRJGMuiikJGd7AZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398cfcd611e5c-FRA
/
sentry.fundraiseup.com/api/9/envelope/ 		2 B
165 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.fundraiseup.com/api/9/envelope/?sentry_key=e4f08d23cf4e4dd080d8b4853ea3f102&sentry_version=7&sentry_client=sentry.javascript.react%2F7.48.0
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
40.160.4.235 , United States, ASN16276 (OVH, FR),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.marchofdimes.org
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
date
Tue, 02 Jan 2024 14:12:26 GMT
server
Caddy, nginx
content-length
2
vary
Origin
content-type
application/json
/
www.google.com/pagead/1p-user-list/794610601/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/794610601/?random=1704204746094&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v869204397&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_b36B3cOmvYLVvMi-z0R9kA-jQG57AxXMNMHoToMsA7mJkGas&random=1073550716&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ru/pagead/1p-user-list/794610601/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ru/pagead/1p-user-list/794610601/?random=1704204746094&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v869204397&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_b36B3cOmvYLVvMi-z0R9kA-jQG57AxXMNMHoToMsA7mJkGas&random=1073550716&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/ Frame 1094
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204746219&url=https%3A%2F%2Fwww.marchofdimes.org%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2179642%26time%3D1704204746219%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204746219&url=https%3A%2F%2Fwww.marchofdimes.org%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204746219&url=https%3A%2F%2Fwww.marchofdimes.org%2F&liSync=true&e_ipv6=AQLjngETOZqy2gAAAYzKhL-Mj-e-TdT_fWmsrAjJmTZGm5NDo8GFURVYt...
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204746219&url=https%3A%2F%2Fwww.marchofdimes.org%2F&liSync=true&e_ipv6=AQLjngETOZqy2gAAAYzKhL-Mj-e-TdT_fWmsrAjJmTZGm5NDo8GFURVYtNdXfHXPagScCJdvNMgbug
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLj-iLTxvoMDFY_MOwIdgcwGMQ;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 18BC9F0D99534D1493FEDC5F7456FD68 Ref B: BRU30EDGE0822 Ref C: 2024-01-02T14:12:26Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9xaP5B5fm9U52cWvfg==

Redirect headers

date
Tue, 02 Jan 2024 14:12:26 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F49091174ECE452EB8923B3AB2063CBB Ref B: FRAEDGE1405 Ref C: 2024-01-02T14:12:26Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204746219&url=https%3A%2F%2Fwww.marchofdimes.org%2F&liSync=true&e_ipv6=AQLjngETOZqy2gAAAYzKhL-Mj-e-TdT_fWmsrAjJmTZGm5NDo8GFURVYtNdXfHXPagScCJdvNMgbug
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9xaMHsgTWaw25hqVVQ==
rules-p-uyn8UnTsRXguL.js
rules.quantcount.com/ Frame 1094 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-uyn8UnTsRXguL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:5600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:33:09 GMT
content-encoding
gzip
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
2358
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:08:42 GMT
server
AmazonS3
etag
W/"b4a376a3ece8af98e7567e60db986dc9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
pvxriGkmsuX5d3o4i_Pa2aCndSIYsWW6IRHzLI4NQb99JtZjyOLM0Q==
rules-p-uyn8UnTsRXguL.js
rules.quantcount.com/ Frame 0414 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-uyn8UnTsRXguL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:5600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:33:09 GMT
content-encoding
gzip
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
2358
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:08:42 GMT
server
AmazonS3
etag
W/"b4a376a3ece8af98e7567e60db986dc9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
la1tKJeWcrqTl12tndYk8iwrX882IR0jiKVrLNRYn4aibTym4xRfug==
/
www.google.com/pagead/1p-user-list/1071894384/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1071894384/?random=1704204746135&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v883981125&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_Hpzx8NMg4SWyijAuFugDgNNNGVsfGimaq0TR6jFyqka58V1q&random=3519156324&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ru/pagead/1p-user-list/1071894384/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ru/pagead/1p-user-list/1071894384/?random=1704204746135&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v883981125&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_Hpzx8NMg4SWyijAuFugDgNNNGVsfGimaq0TR6jFyqka58V1q&random=3519156324&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
812396462484872
connect.facebook.net/signals/config/ Frame 0414 		134 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/812396462484872?v=2.9.138&r=stable&domain=www.marchofdimes.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d30717f2e8dc64c231e7f24843ca4ba6c9076d5e838b08e4d6efc0ee66b9f9c6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:12:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35834
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
6VhvV+6MOjR9SfD8hq09bKVy53aGg0D29v0hXnsZkIixNTCvYjUfGcGGJc7Uqojkz3/23ZIQ7AxyWdBbFKapMw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
25042596.js
bat.bing.com/p/action/ Frame 0414 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25042596.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:12:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 649FD702C3684611B9F2BAC5536A1999 Ref B: FRAEDGE1916 Ref C: 2024-01-02T14:12:26Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame 0414 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25042596&Ver=2&mid=d1263db8-495c-488e-98f0-cca9b4b61b1f&sid=f4c103c0a97811ee8c995b5e3b6b77b7&vid=f4c13e50a97811ee84fce3bf2ef6c916&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.marchofdimes.org%2F&r=&lt=326&evt=pageLoad&ifm=1&sv=1&rn=434695
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:12:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 27CB9F6E6AFC4095BBBFA2EE5A7CA03F Ref B: FRAEDGE1916 Ref C: 2024-01-02T14:12:26Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
2868452210503758819
api.fundraiseup.com/paymentSession/ 		580 B
932 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.fundraiseup.com/paymentSession/2868452210503758819
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5778754fa488cca8815535c8e42d4d207701e175e1898e1ffce43e6abaf218f2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
content-security-policy
frame-ancestors 'self' fundraiseup.com
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
x-response-time
157ms
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.marchofdimes.org
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DsB2srnnOSbvnKslt8C3E%2Ba%2BkdDZtPDd%2FXxFx8y%2B6CTtBBJvRS3u6z9PE4eBFips8XF3lRKE%2BzcAbuSM%2Fb6WB0fORfCV0TQWE0RpkVY1%2F2tw9cBDggEtlcaDTJK0PdaJmpW%2BJ0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83f398d04e011e5c-FRA
expires
0
5021.69a8a47ee2972d7403b1.js
static.fundraiseup.com/ 		253 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/5021.69a8a47ee2972d7403b1.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6432a66c7d8240059ca76b571620dd0f54b4d3a5dc05fccf8cff7c8304bc9493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KHN27Z1109N5TZ0X
age
1858070
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
yoDNNROVaeK+KyQahsxI40Riep/BjDLQzjz7WDpSbAXM4VmbvVP9a/xQAmys51+y6Gle++dqJUs=
last-modified
Wed, 29 Nov 2023 14:59:27 GMT
server
cloudflare
etag
W/"d4f127ab7620fb2bfb2e93a462d59163"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jn8ViUEDZutRRs8rSkjFHrjyFgTzdPAS3sqADBLE%2B2Ej8FbKGmq%2BaXx8fGjwPgy%2FC3BcN9tBNapb535VCGgOZWvYu4t6etgdYmrOxvErXJXKJMMHPIuumCjHBxK1ItTGHIPaqJ6VmSo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d04e051e5c-FRA
4365.3c47b14cec912f3f2597.js
static.fundraiseup.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4365.3c47b14cec912f3f2597.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69c942423058ca7c0d54a661d67cded9d06b9f030dd45e434bcc72cd150e7e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
P4DEQY4WVMCNK2CE
age
1315497
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
IUqlUZqbPFPRu0uCKnkJx5/I34lb4UlkNRyYmJN9eqY31bzuHf/G/r8IkT3CRmw+ot2lwUkkdkA=
last-modified
Mon, 18 Dec 2023 08:17:57 GMT
server
cloudflare
etag
W/"e235a91c7b1026c12729b0ccc59690b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5O3a8xKqY6zB1qUTfyVGF0hgHWMb%2BMW4UYpWLGVZWHfUMvIV0WPY1VRNPFCwjvu%2B9j%2Bxe3eEIQ0GZkJPG8FNiQaylTx%2FFSifT0%2BmQEMbeYFQ62tIBTJOQaosqUlw7%2FAL23eQqFeVl1o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d04e071e5c-FRA
9722.efb7c58e3e474cbf152b.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9722.efb7c58e3e474cbf152b.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55934d27fdb4a14ddc59cac40e940a9c8100acc76c156e9be5f3b9c0dff6569f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7PQ36M7YYB4VH9P7
age
361861
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
5eUiMwtyVj/tjPkazVDO39iFbpBhybnUjbSTrQYjYOuDK+Aje2H5XhnaYitI2CtQpjRn0ax7yJ0=
last-modified
Fri, 29 Dec 2023 09:23:31 GMT
server
cloudflare
etag
W/"ee5cbbfe6c1f87870f508d95c1085e92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDBJaqNpiq6pn9MKCnOcDN%2B9wDNOYGqjC4rNU7Ewt0fWfo9Md9YQg8HoZlVx9ZN21bSAY4upNntNZmYXgv3LC5iGuKWR2ntrO5vy8%2FDliTt4oHNQXuGKR9kz4rh5j2ks8dRHQGvslYk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d04e0f1e5c-FRA
6267.5aa879fe84868b48faf9.js
static.fundraiseup.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/6267.5aa879fe84868b48faf9.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c2e62deea90ad8ea208037abde538d6100d5a3efce136c89e64a80c1b1c6b07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
N4W91XF6R40ZV97H
age
970750
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
na7dnXt1csz1FVSwoTIPfz3r3mioeC7v/E+Ru7bQNLEpfp5SAVw8HI5oRrMe4ZVdvgeuDkC/4CI=
last-modified
Fri, 22 Dec 2023 08:14:28 GMT
server
cloudflare
etag
W/"fd37e6df21da71bc4f7e20d1d5c66776"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAPGyGJ9b5j%2F2pWslMLxNINJERYamvjgG3SAKzhKN%2BAbI9JJG21JbReM8NWb9vTw6G01%2Fb%2Fd%2BxInmsv9zJSYOWB9mpfahMx%2BmPLOTXHmnoiOR6ZqHSdsz%2FSuuIMpoFTo12cZj1YJs4o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d04e111e5c-FRA
1546.acd6010561bea827780c.js
static.fundraiseup.com/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/1546.acd6010561bea827780c.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4660c763169716a38ee1153d2cc4eca87ca421195d67bd89ea964b10bfbacac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SWMPXYTNC73RACW5
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
1pt9vMIHDcZ4XBb9NSIBIQMmwEI0DyP8vbSoVeTlTm526PA3+57AkTVTfhRsBuyWbrLbb3wfuVA=
last-modified
Tue, 02 Jan 2024 08:46:51 GMT
server
cloudflare
etag
W/"61b4f037d3e70607ce2de6911ed45e37"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrkI2wrzEQoxcdd6Cx5SPEuw42GfWmDYW6QTHwUJZBH%2BpXrAPVWqPCBLl7v8uNw9lGdRA%2FhDJl7g3dIoG9W4PK%2Bqfg3m4qUnwnED%2B5RCizA%2BCvx%2FQ3vFfZ4E7a%2F6kPy22yX2N8WkLPI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d04e121e5c-FRA
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=fdd10a89-c9f3-4a9a-a5b2-17a2106ec1c5-tuctc8d9f49&uad=a00a890d351c4219b9e1c6dea503decd1dc1ad4125e4d6f81fd705d27325cbf1&mbl=ZmFsc2U=
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:12:26 GMT
cache-control
no-store
server
nginx
js
www.paypal.com/sdk/ Frame 9F42 		293 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=QC6F4C27ZTBFE&currency=USD&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2972ea87cd5c4adceba0baf8d735c0dae6512fd7bb276586f5ef9b707b2cde92
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Tue, 02 Jan 2024 14:12:26 GMT
age
58
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f3766499c2a02
server-timing
"traceparent;desc="00-0000000000000000000f3766499c2a02-44d7377aebae13af-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
79959
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230116-FRA, cache-fra-eddf8230116-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f3766499c2a02-e9ceeb38f897edc7-01
x-timer
S1704204746.466453,VS0,VE7
etag
W/"13857-AG4O1rLG9TW0jCSwL9/a1psyNB4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1, 0
identify_ce767.js
analytics.tiktok.com/i18n/pixel/static/ 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce767.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.120.77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-120-77.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id
407d3d2d
date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231221122558D600582FEA2032629F1D
x-tt-trace-id
00-231221122558D600582FEA2032629F1D-7BEC15D3A54F1C74-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-19-119-77.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01985ab99f5828d68d3b1e7dc3fa60c2d7595bd27ca8313e9b0a006b023167466d7964a75e79e712c749c51cfa05c07189161a661d4d3e4b124f2d4bf75e5c9ed229d5783d6932b8155eae641e2d9e21b443779db7b24ffa6c9bbd533df131ff9f
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
36235
pixel
analytics.tiktok.com/api/v2/ 		0
696 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.120.77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-120-77.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
407d3e08
date
Tue, 02 Jan 2024 14:12:26 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2401021412261523DEFB3AA7603A6614-3E03433BE0A96B7E-00
x-cache
TCP_MISS from a2-19-119-77.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing
inner; dur=59, cdn-cache; desc=MISS, edge; dur=5, origin; dur=156
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202401021412261523DEFB3AA7603A6614
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
156,2.19.119.77
x-tt-trace-host
01eadde68ca92b531abb75c2e751716c3b19d195300cab2c17de0e7a3ecc1495d3c69e1c941487a24a88c9f6e0a393c6ab106653b53ee5e08d520ac54c051e7103e7ee9d0928b51986f92ead9f8a7b92a9bf799e0ec44b46e81a44d198bfaacba9
access-control-allow-headers
Authorization,*
expires
Tue, 02 Jan 2024 14:12:26 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
839 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.120.77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-120-77.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
d10aafcd.407d3e09
date
Tue, 02 Jan 2024 14:12:26 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2401021412264A625D507D675A4DB7DA-6B77BAD7D624BE8A-00
x-cache
TCP_MISS from a2-19-119-77.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time
138,2.19.119.77
server-timing
cdn-cache; desc=MISS, edge; dur=91, origin; dur=54, inner; dur=51
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202401021412264A625D507D675A4DB7DA
x-cache-remote
TCP_MISS from a23-220-105-90.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
54,23.220.105.90
x-tt-trace-host
01eadde68ca92b531abb75c2e751716c3b073699bdad5ec274b7462278623b09f2a466f06ab8335b2aed80322f2cc37f9e6dadba449ffad54d864104712d5ee180cd068a2962b5cfcb58db106a177b3820df074536ecf72e26e6f1ac9eda27504063afca318e63d945ffab5782ccd1de42
access-control-allow-headers
Authorization,*
expires
Tue, 02 Jan 2024 14:12:26 GMT
pixel;r=725469131;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLj-iLTxvoMDFY_MOwIdgcwGMQ%3Bsrc%3D8832015%3Btype%3Drt%...
pixel.quantserve.com/ Frame 1094 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=725469131;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLj-iLTxvoMDFY_MOwIdgcwGMQ%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Drt_bs0%3Bord%3D3461936573925%3Bauiddc%3D544842920.1704204746%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma%3D0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E%3F;ref=https%3A%2F%2Fwww.marchofdimes.org%2F;uht=2;fpan=1;fpa=P0-580916074-1704204746238;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=8832015.fls.doubleclick.net;dst=1;et=1704204746409;tzo=-60;ogl=;ses=2b1064ff-8474-4c87-80a9-c0f6784613fd;mdl=
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLj-iLTxvoMDFY_MOwIdgcwGMQ;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=529280705;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPr-iLTxvoMDFaXIOwIdBw8DtQ%3Bsrc%3D8832015%3Btype%3Drt%...
pixel.quantserve.com/ Frame 0414 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=529280705;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPr-iLTxvoMDFaXIOwIdBw8DtQ%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D3468807134180%3Bauiddc%3D544842920.1704204746%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma%3D0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E%3F;ref=https%3A%2F%2Fwww.marchofdimes.org%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1150735918-1704204746241;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=8832015.fls.doubleclick.net;dst=1;et=1704204746411;tzo=-60;ogl=;ses=2b1064ff-8474-4c87-80a9-c0f6784613fd;mdl=
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
25042596.js
bat.bing.com/p/action/ Frame 1094 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25042596.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:12:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BE61149D1E94487496ED2C6A15FB41CB Ref B: FRAEDGE1916 Ref C: 2024-01-02T14:12:26Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame 1094 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25042596&Ver=2&mid=643654de-064b-4d0a-b033-7822cfbcfa9d&sid=f4c103c0a97811ee8c995b5e3b6b77b7&vid=f4c13e50a97811ee84fce3bf2ef6c916&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.marchofdimes.org%2F&r=&lt=328&evt=pageLoad&ifm=1&sv=1&rn=361844
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLj-iLTxvoMDFY_MOwIdgcwGMQ;src=8832015;type=rt;cat=rt_bs0;ord=3461936573925;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:12:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4869FB5F1F624AB981FBE1DFEAC6D599 Ref B: FRAEDGE1916 Ref C: 2024-01-02T14:12:26Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 0414 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=812396462484872&ev=PageView&dl=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPr-iLTxvoMDFaXIOwIdBw8DtQ%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D3468807134180%3Bauiddc%3D544842920.1704204746%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma%3D0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E%3F&rl=https%3A%2F%2Fwww.marchofdimes.org%2F&if=true&ts=1704204746416&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=other&it=1704204746244&coo=false&rqm=GET
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPr-iLTxvoMDFaXIOwIdBw8DtQ;src=8832015;type=rt;cat=donforms;ord=3468807134180;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 14:12:26 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame BADD 		200 B
817 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2361632
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:26 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
276872
x-content-type-options
nosniff
x-request-id
a4104b96-6577-4ca1-8083-3d23b0afc52d
x-served-by
cache-fra-etou8220106-FRA
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame CAB0 		200 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2361632
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:26 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
276873
x-content-type-options
nosniff
x-request-id
d1239d06-f4db-44d8-b21b-a0c8ba6b33cf
x-served-by
cache-fra-etou8220106-FRA
controller-a8db3be7204dff5e963b6f0fd5121b28.html
js.stripe.com/v3/ Frame C498 		325 B
693 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
61
cache-control
max-age=60
content-encoding
br
content-length
189
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:26 GMT
etag
"a8db3be7204dff5e963b6f0fd5121b28"
last-modified
Fri, 22 Dec 2023 21:08:02 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-content-type-options
nosniff
x-request-id
83f0687a-76d3-4b6f-ae24-d9068ce14611
x-served-by
cache-fra-etou8220106-FRA
sa.css
tags.srv.stackadapt.com/ Frame 0414 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
259377c9eefef6dd16af878a4bd9003359ec839dbb67b28dccc53953d9d530ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:12:26 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ Frame 0414 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:12:26 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame BADD 		526 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
2282652
x-cache
HIT
content-length
315
x-request-id
31f97ec5-f694-43fe-a7f4-fa8ab58a3f4d
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
264893
syncframe
gum.criteo.com/ Frame 3D56 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=81237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://8832015.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:12:25 GMT
server
Kestrel
server-processing-duration-in-ticks
301626
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
controller-a8db3be7204dff5e963b6f0fd5121b28.html
js.stripe.com/v3/ Frame 052C 		325 B
293 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
61
cache-control
max-age=60
content-encoding
br
content-length
189
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:26 GMT
etag
"a8db3be7204dff5e963b6f0fd5121b28"
last-modified
Fri, 22 Dec 2023 21:08:02 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
3
x-content-type-options
nosniff
x-request-id
bc8ff1db-67fa-41f9-b262-334d2db593cc
x-served-by
cache-fra-etou8220106-FRA
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame CAB0 		526 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
2282652
x-cache
HIT
content-length
315
x-request-id
432aed53-2334-4569-8258-078f34ecd050
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
264894
activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;u...
8832015.fls.doubleclick.net/ Frame E178
Redirect Chain
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=...
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f6.1e100.net
Software
cafe /
Resource Hash
0d6e464f30b577bb2f06e2683c28d6608ba8d37d4e718cfe997e6102c7127dcd
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1762
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:12:26 GMT
expires
Tue, 02 Jan 2024 14:12:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:12:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je3bt0v894839724&_p=1704204745664&gcd=11l1l1l1l1&dma=0&cid=1837972625.1704204746&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1704204745&sct=1&seg=0&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&dt=Donate%20Now%20%7C%20March%20of%20Dimes&en=scroll&epn.percent_scrolled=90&_et=21&tfd=2306
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tb
fndrsp.net/ 		2 B
261 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BQD2yfqZ80HGz00kHOyibvMRJPsA4s1zpJ6DLPouuZLq5TMEnZIqXQVsM6c0%2Fw4HyyxDDhc7jo5mcfnnykp5MD7WbxPd9EeBdjOmHzPoSnbSG2kUvCRtzzgElhU"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f398d1ca215b7a-FRA
alt-svc
h3=":443"; ma=86400
tb
fndrsp-checkout.net/ 		2 B
496 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp-checkout.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugjjFEImvqgzrpeE1Ph6AaWmosppwm75CKwJebbJkKGGz7PlWIgoUZi3c7tYXHKfDIhIeryyutpMJgaKqA8tvQFNDCRtHplk1oR5nRritsvFDCQuIcDNYZGnGtl%2FwfBAtBAScvyU"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f398d2093abb4a-FRA
alt-svc
h3=":443"; ma=86400
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame C498 		531 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
925405
x-cache
HIT
content-length
132620
x-request-id
925a6cca-de3e-49b8-ab0f-9fd297d75253
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Fastly
etag
"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
95440
controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
js.stripe.com/v3/fingerprinted/js/ Frame C498 		688 KB
177 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
925405
x-cache
HIT
content-length
180909
x-request-id
3e4d2785-4e39-4969-8b71-1077fed40eae
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Fastly
etag
"5ce54273e9cefa73649bdfcbf46e58d4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4979
csp-report
q.stripe.com/ Frame BADD 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747182810
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747182479
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame BADD 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747167314
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747166999
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame CAB0 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747167325
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747167051
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame CAB0 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747167623
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747167022
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 052C 		531 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
925405
x-cache
HIT
content-length
132620
x-request-id
8e2f7d54-000d-406e-9cf9-3d6c692488c7
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Fastly
etag
"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
95441
controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
js.stripe.com/v3/fingerprinted/js/ Frame 052C 		688 KB
177 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
925405
x-cache
HIT
content-length
180909
x-request-id
a5ec1e82-bad7-43ab-8891-bc4ce3202261
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Fastly
etag
"5ce54273e9cefa73649bdfcbf46e58d4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4980
2612.328ca5ce35bb1bd7dfef.js
static.fundraiseup.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/2612.328ca5ce35bb1bd7dfef.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
337738b644c1b01e37308c9026995b63c20387f9bc8f219cb99f72eb3b23f35c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7K1FTJZVEMGT0RPZ
age
970749
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
hilGTOGlnMOKbcw1UWr1CtGQ94ehn81k11lCZc4h33FIot63Wt//1VYQ2dZOu1UDDWALlNNHtog=
last-modified
Fri, 22 Dec 2023 08:14:19 GMT
server
cloudflare
etag
W/"72585859f7005322a24f55039d6502e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvwN7SZW0sEru7pZvBWtSvOCmkKsLiZZJjcYZTdfitxUGP372YQSf8vG6XlEyJGRn8wqZr%2FAXlhBXeN7VTljh0QLHew0SxSOKjAi5Fkxj00Abh9yk0V4P53nHNB5HehoWrCsHitzDIE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d2087f1e5c-FRA
9317.8347c21dba66a3c8e00f.js
static.fundraiseup.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9317.8347c21dba66a3c8e00f.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23098142daf44c1cb7d244684146fb6ecb0568274118ae3f62cef67034551ef2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JEF58MZTHBKHTENT
age
445896
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
gXF0toF3jFTOznSncHeRwuJX7aT+8d1QE7HFWU1GVzoeTSZm+9KzIoJmsICX4KIsAiTpnAlQ+Rw=
last-modified
Thu, 28 Dec 2023 09:56:39 GMT
server
cloudflare
etag
W/"cb3cf711444477b5098e7015fbbf15ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnCHpLwWcCMSTZLaVRcGZH9eDv4t91NZUDcI3P18hwx6AMtwD%2FuMfm8RmQ9ijg%2FAbOM9zIvnhW3Oaf75MfwXsPos713DdCx5hgq2XMry5U8XD5IcO6TPY4xBUoQ%2F063iA2K%2FsWbHNJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d208821e5c-FRA
3881.cbc277ee4db5221fc545.js
static.fundraiseup.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3881.cbc277ee4db5221fc545.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8cd06506717ca4b233b2fd62746d5a39c9230b4ea3c4bb56206edf928ed8d05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
880PGD6549C94DW8
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pSEoew635YflmBVqBaK6olJhMbYcixootbJjLqRt8nnajJ05UKekU5PT4TLJpw/dTssheuRb0KY=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"d3787c003b65e006808cbd3b22d515d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLP4T4wbCVlz6dtewsjccGQc9bQ02sbxZnYvJ8FqGX%2FOqBa4EELc3vcJF6KeACDyJdRA49CDBBNbrxjfT%2B3QgSipoleY7zaWuddWuUZ4UDUjlIVfcWcrS69bspvt1SYqYiuluz5m9ew%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d208831e5c-FRA
8443.30652bd12c39ddd0d48e.js
static.fundraiseup.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8443.30652bd12c39ddd0d48e.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e7f6cd883b421b03d88891e93891fc89bd7e4cde0266009f72250f0092302aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CBVYVJ0PDYNTHWDJ
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
YrRqlTAnkVB93lH4cCxTFUxrj4pfquBgW6Y9J6iLoYnjS4hw2MYlI53xHPnOo6S0QODEEpTddLc=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"188752fb24105ced13abb937e1252dd7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i962mczCs0wRMATnL92sJp1S2NBlG0t5HFnhb2DeFwteO%2F9KGLZag%2BMUoPaumEx4lnIsmIPNtGFBl8gou5F944L%2FZLHosMAQsSdSN0UsZxJ0fAl9ITX9X1Nwm4gGgNdWTt4dSJFdEVI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d208841e5c-FRA
/
ucarecdn.com/b1fe3be5-d5a1-43cc-a953-5216801bc1dc/-/resize/470x/-/format/auto/ Frame 9F42 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ucarecdn.com/b1fe3be5-d5a1-43cc-a953-5216801bc1dc/-/resize/470x/-/format/auto/
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
99ebb532259a75968ccb5672ca994d8830a815e68b5d9b4304dd5fab2d0ac97e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
x-image-width
470
server
Uploadcare
etag
"ab5656c109d140b7b43f8cd154697623"
vary
accept
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31327815
content-disposition
inline
x-image-height
263
content-length
14609
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame 9F42 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KG8W0M0BVCA4PDWK
age
1024187
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56996
x-amz-id-2
ehDT77ViieDgFSVcGsFvckP/H+LVEbHO2xcqXlA4gCAcl/XM+6TVRuOSfeuWNxWwBO8opeFhdTs=
last-modified
Wed, 20 Dec 2023 14:31:09 GMT
server
cloudflare
etag
"643ad5d92cd7c31076790077c3003abc"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5xnPwrEqLCTNoRF6QMYt2JvgPx8FjuivIPf2tXaBYip8tkfnFQvia6POgJ5HSYem0L5Az4xQQJ5Ex1hiIymM3Wq3qjasdFrRcyv4JOttNgl8NXc%2B9gRmy88PNNa16QknnRGRTKXS24%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f398d21a6c3611-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame 9F42 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
E0C5F941D9Y3FH1D
age
1024187
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
53064
x-amz-id-2
12dk9Cf6+G1cXqksEEj7uAeRxc6vfIvLqjdZHPLD48m00Hh7eUWU8aMADM4+/ye2xMXZ+LhtZ/8=
last-modified
Wed, 06 Dec 2023 09:28:27 GMT
server
cloudflare
etag
"c9e466876957e9d2128f63b225a81ae3"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvwBHYNlW3sVLwCrfQmckzRStDYutf460AsC%2F3XOxtJC8JLsnWyfnWDvfTZw4BqqzEprMRX91dajZ4ddJMoEgkg7RcOPT6wOzGaCdXf1%2Fox3QTZdtV9Xh9kg17slvQNEuDmXdEwxIAw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f398d21a6e3611-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-700.a858bab2f594ef47e251.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame 9F42 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-700.a858bab2f594ef47e251.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36fc9410b3f02fdce5060168717a2182c1275ba8f116f257661b6deaa2851ee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JJSE15R6G6ZR4DSN
age
552523
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
53024
x-amz-id-2
z90YQkc5RjdyHKizv2eyQ699GjQUZD9KYe2Ae/GhYLkdEgnmsglNOCW1qBTlayyfNlhwYj3xOpM=
last-modified
Wed, 06 Dec 2023 09:28:27 GMT
server
cloudflare
etag
"d6502c623b1b74dce94988d329d4f4b7"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1O6Lt08BkxMJE1zsGUSYh3IDZWAK3bJWL1VOhIi7b16imxo7f0yeUqdP1I853NPBJmyqOoxKJ6lnQRIbCHylxa6W00M8f0tWsjvaKeohnWV%2Fy7vk1JG5WFzl2Bwu6LCtW8zZFCnLSnM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f398d21a703611-FRA
4308.267ae83b72a737d61bc8.js
static.fundraiseup.com/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4308.267ae83b72a737d61bc8.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8e7a944adcb9d32eaf4e2f6e85cb7d1f9029b74de22ad7ff2d46ef82b189c95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZYH264852YZ9DK
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
nDC7Cq7Mr+Zn04oXI1y/tAEx8sD8Yww18TArSyzm3zUwxgGOIA6cCL+QXOuq7Duk2Gx632eydrY=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"d17d932280bf77e59d50820c420d7365"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naLEmzXzGgx0eqsSneKXLt9xcp4HrvcGZbfUDQL0Ao2QNa2jDoi35ZDPLRKuNcc4qJkX%2BvqpYYFIx%2BnD%2BnjN9UZM0%2FGYQsfIMgOxMiSytY00bwjkaC2X4nvSiP3dJly6Cb%2FCiAUoy%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d2189a1e5c-FRA
4798.a2fa7f6bbb792b2fa1f0.js
static.fundraiseup.com/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4798.a2fa7f6bbb792b2fa1f0.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df9d8e18a3cec3afcf01338e9a26209eeb89e3d0eaf97f0d5298f039776ffc8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7K1AES40DV8K6YEG
age
970749
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9m/V+zQLreb31PaQkNhd/W7ftIw53hd5Cw0nyFIbRsFb7JpCYcZ7laaw4VIOlKUzpSSDJIne4gY=
last-modified
Fri, 22 Dec 2023 08:14:26 GMT
server
cloudflare
etag
W/"813c3e21463a5fb18a4652af2d6e3a0d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JniyBegkIsjgVyWSlgsINi0P2dT5f5%2Bbzyy8k2GeoCam4tiWqbtx1bihillUk04njWHffLIqjqBNTlrcZz4sblXeFcYvJLs8JndVK5geaWp1QN6PXw%2Bkjl%2Fob8tutLR1TV8uBCgIPxY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d2189b1e5c-FRA
7470.5c849ae41dfa76a30134.js
static.fundraiseup.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7470.5c849ae41dfa76a30134.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb48d9e8351750646223a61d5868a0eda7972e2ea278c69677577300810b0ad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZHKH536A56RACS
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oVoYp7SmPXx90DPTTKcYLd94o44lpFLshTCQZDuZ/jTATOpxTcuFK2dX6chKyxdG+uH4/WmRY8M=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"8116b094c9ac56f0fa0e152d4e72373b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=se%2BRyaHRQA4DX10p02TDbG59vi1ZepE%2BwmloxfkzSVaSe6Cc1A9pJf9oKy64Rmr5Q3LBN8P5T9LsfIVjGxvradjS9V8W8WLIdUeay7%2Fu7M0MeXcwuRPpvOui%2BAfYDul8DccHW1wwqRc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d2189c1e5c-FRA
7161.70dda01ad3bd7b1f43f4.js
static.fundraiseup.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7161.70dda01ad3bd7b1f43f4.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b1dccb5a273ea2fadd2437f76d7e4b897e7c5f461f52c0b72cc7e74db13cca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
YNCNNCVM9ZJEMQBG
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
TrHvDGVM1ZhZ+yVVKCtY8sveJlWtFNoTI0y4JMFhwDpdSEDkiAT9fMLvl572MAPSDJFJ3IGQu7E=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"6a9110bcfcb930b2a0f06f9f8de67d69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwDh3CVjXGZrT6FAuum2LOoa2CPe008dqt4b6p5P0DVRzO9hR1Wu4HDy9Pp2NYFSNaSEd%2FZaJCU6YrK3tXG8ESz371xp0Ln35hs4KOQ3p3YBuJRmczIZt9d1JcST%2FXY5sN79uHDizF4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d2189d1e5c-FRA
4172.550614b50a20ec5505f8.js
static.fundraiseup.com/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4172.550614b50a20ec5505f8.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67babd89dd5d6e783cbe7ba05cb7d77c2c3ab7bb0b3ba87b185b391a21e8cc35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9Q3SG6D78TC8KSFP
age
120282
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Dzs4cY8pLKlMqr4XXDelM+L1JRP8xYHuMx8BKtcO/NEnnLaaFpFVOvvbLVYDe90ylqjPCx/5tac=
last-modified
Wed, 29 Nov 2023 10:48:32 GMT
server
cloudflare
etag
W/"82362aa73fa0a4d64a1c55b1d259397a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4q3kNs7EiwaGw1RbL3ObgYl1I5XUhlM4Xu2wdgDUJB0Yk4sjFh7CPMHfK3GPWoUpaeWqGiFvrApRb3lO%2BCQnLevhIl9OiZrHpoOxUb3gpCbIIEXL7iIpUOoztrGI3Dka4kIixuGAy8M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d2189e1e5c-FRA
7912.0af9043c4cad1d41b53d.js
static.fundraiseup.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7912.0af9043c4cad1d41b53d.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25c3a3c0aecc1c3cdb989b17c48a9a75970beb6343e0df0c2651ba5eb75c900a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
XSZ4RAN7SD4CP1GQ
age
1316046
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
WpGoXfJlhckMVb4a1Z2OzQmbLCOIuUTREtcm/8OgzWuMJrjSE6AOsbUeq89ziwPmtKotUkk5FkI=
last-modified
Mon, 18 Dec 2023 08:18:02 GMT
server
cloudflare
etag
W/"3aad49c653ac761d3b0dc37c051585c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45YT7L%2B7D8nvpLwL9DPVpGZ39vR7GiGFoMDpZgi9BVftFeriZzL%2BoXcH7HwqqyfqxOI%2FQil8lEu%2FOyKnI869Ib8MznQ4l9GqM5Zul5da%2BtkDcFenHGLdOpnrW%2B3Ge4BTfY3lAvVGFoE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218a01e5c-FRA
2604.70a67a9325a0b895a893.js
static.fundraiseup.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/2604.70a67a9325a0b895a893.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7e24515a6e8e17332b556ae1a433f0b6e00cdaea90167be98c2734b0049a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZK0EB840772A01
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
moJV5M8Iqd/Af/LhNP6avkyoJcNEY4EXjOsFdHlFqI66S8NpgolH4y5wMczB2oA+pClQ9gg2vSo=
last-modified
Tue, 02 Jan 2024 08:46:52 GMT
server
cloudflare
etag
W/"52a2cc1ece90544227187f23af6c444d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSQzdKGyT6RUxuosGipcz9udA4El1LM%2BxFa1%2FcFWqrV4ZwsXNdxI4loxpayrRO77w%2BCDJglVWV04GjmTXFJUFPF4iMD5qjs99m8mYoHGc1FctVzOAjXf9dC24tgA1JWZxCRtoKCROxc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218a11e5c-FRA
8242.b02aaf21dfdea45ccdeb.js
static.fundraiseup.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8242.b02aaf21dfdea45ccdeb.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f7997ff37aac676d939dbdb0d33f6381fc5b66de4e4c79240e6e9503b14c15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HYBH0AE9WPN4MEZV
age
970749
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wF5+7h/87SrEbp2uxjF0zb8LcL2b8y3jEAXBGtxQzgF0fIoedcwomkGhqGU1nYz3PuqzJqepVgY=
last-modified
Fri, 22 Dec 2023 08:14:31 GMT
server
cloudflare
etag
W/"4b19319add63bf353f59c262e18d678c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvjwrWPQzJkk%2FYrAMCz5U7Znl66U4m%2F8XBAugDshF7mU5qlkeulhCB6aOPoySwfLq9OzXiVHb4fTmxYwfsh%2FniAXe%2BjdUu6bcqx4KdHycb6y4bch8wrjeQ9eariuJ9UY%2F9SutimW8MQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218a21e5c-FRA
1307.079eb3e246fe1582b593.js
static.fundraiseup.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/1307.079eb3e246fe1582b593.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642c3f67dbc0d646b7d2508b081e0a6040a7be94478f0cd6d2a6de21f5d11ed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZZ3K07WA8NGT98
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
sFeDFDmEin2i/TqJ1uVwLusUs+DQibg5SmUne8oVjxGP/AxVrFDF+Ag6Ys7qcEoDLa/Cmm+WYzw=
last-modified
Tue, 02 Jan 2024 08:46:51 GMT
server
cloudflare
etag
W/"7b1aa6725ce10e652729c8ca76f3ed5b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEgDektlIvZ6Irk6qbbEUaK8XZaV0gj1xXR0Z5Kr9UoSme%2B%2BXjEqLvcRiJefb2D1%2FbKtdez%2BXb%2FUiXZRHr8tBlzG%2FInmSBGM2MLa3BSd2bQrTOHbuP1cWaoHROXMynUcx70iTeSHp6A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218a41e5c-FRA
5294.9d66a191975ea80fb12f.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/5294.9d66a191975ea80fb12f.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a06c60d0bdaeba9a685c6b98ec4108e8358606ae608bc2866b3873ba36e8be5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZJAA46H1T2NBT1
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
c1JuhxbnXm1baci6Tl2nZ9f5Da4EJrDTltyrCWVB/ae3IeO+ew/DQxood4+PpF8q2LrBQx+vlMU=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"8cbeb2d49dcd2a8be5a4eecf9cb7596b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YP35FCroD9P%2BHW1M98Oxj%2Ffbf0um3RFJvg76EnDk9JkGb2C%2F3ntQ7DYAZTFq2yR1pJE84sMy8fB2bPGJKATtkG5e7jl0J%2Bm6XGfHVd2LOn8XzU2zHpCw4JdEMyQXtZQa4mOFNDPW0fo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218a61e5c-FRA
3074.d9147f791079b87eabcc.js
static.fundraiseup.com/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3074.d9147f791079b87eabcc.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
377a6ada8b0adaf4e37c51a736bda1e6a66e2339322ce58193e81d5909ee2fb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZTDFGYNM6WSEK6
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
cZPaKSTJbKKNf4jPxRc+867eZqzyCLVx/Nyef4VnAF/bw4AMXmjSTzFsSSRlG0N/hPx6bwXWDbw=
last-modified
Tue, 02 Jan 2024 08:46:52 GMT
server
cloudflare
etag
W/"147314f2adff1871b831c3e893d26e47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmEUQ%2FnP6L2e8YYc3Y%2FmOJQzr3zzmoE1ea9%2F62G%2BxMGHwhywc93Dt1NEQk8osSfnu0HgG8RoM5EggGp9n%2BRQGy3s%2BdMgwdDNwcpmKD8WYiw9ngkO%2Bf1r33kQ%2B1VIxHMKH582o9JgG8I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218a71e5c-FRA
9101.4c00b74aed875aa4a330.js
static.fundraiseup.com/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9101.4c00b74aed875aa4a330.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18b65fdc6da2826c107418e5c689078ff47b54e7f2fc690546c33dbd3b343125
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZNXPDNVHKENKPG
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
SbS2RZ36pqmF6tOSfnciGl2B0vEQQUdUhWC1QYrwp/zAZMbEBLRy5M6v60EJk4H2XC1WDorzf4c=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"c13ccac03382eb3bdadeaae6fb057063"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOGZklH68iP4xiHjfGf0sSlQf1ES1KDbyqmWzEBphKBaVA5F800Nw8YocratUYXPATjf1uL0K5IvKVXmy%2F%2BEPfCgf4YyjRgEmBDbt45ctTRqWcI75%2FtLpk2CoV6SVCj3sXAiJzXik2c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218a91e5c-FRA
4531.eadbe0b8b04e9dfe84db.js
static.fundraiseup.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4531.eadbe0b8b04e9dfe84db.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b596c15fc92d124e18473ffa1d9529ea88cf1918efa33f00447fee4113a68338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
20YR3NPCNSJ4CEJZ
age
1743479
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
p1D/g9uO7aEc+ZYIrKRp5TBoOfZbh4hv4K1jCEROryR/GRMSzJ0sfHrYZ32RWFBEV5eM//X/YyQ=
last-modified
Wed, 13 Dec 2023 09:34:50 GMT
server
cloudflare
etag
W/"2f5a99aa534d43a5d5741f02d107888c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPVeg3bpnAsra77dTXBQmeXDoCWWO4t8QdNUuvRJ0542T7Z2rhY6H5TwpU3%2BCarPloGfqd6xoyQSSstl9R4Q2zdoqU9n9NMQr2efRqkR7LzgisVnQj6TMBEmfNnbSWlp1Sx%2FfvI26%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218ab1e5c-FRA
6658.dc2fd4177fa973c9ceb2.js
static.fundraiseup.com/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/6658.dc2fd4177fa973c9ceb2.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bf7bc0004aeb0dc1b7bb23f128ac24f0302a776cd1950295bc6ffae6e990bf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
20YPGZ83KB96KV53
age
1743479
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dpcw0lKi1VlNzl1xG3NvYp0r5umXilCQZcSK6dcwFwY077FInHCY2Jj10EILwSzlctQHmkugjOc=
last-modified
Wed, 13 Dec 2023 09:34:52 GMT
server
cloudflare
etag
W/"179e147646e0cd73902eb5b2db332b0f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dw0vCLVIMUJ%2FdhjjgNhbSplOlPSe1KZoV6ncNjbM%2BumiBLWgIwOa4KQghg9v%2FwVlWok%2BQmmEyoP2L4xEGQLFGQm6M4DAGyBJ7wRELfIXjAKGwulQWIvh0igrxwWPKbN5zJ2Y0patj24%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218ad1e5c-FRA
3646.260d4a1075292b4adf02.js
static.fundraiseup.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3646.260d4a1075292b4adf02.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb83ac4c1a72227dd5036318370e6523f7a06d0e9f791efb6f6fe34b22621ce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DTYC4V0R86F0P81D
age
445896
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
tHX+DS2VimeY4FaR74mducn+JWfA8PjTg5M+dLoPDk62FMqBAqjzQEMxfytkbnOWhm2fqMGDnjA=
last-modified
Thu, 28 Dec 2023 09:56:31 GMT
server
cloudflare
etag
W/"2411304c845454ffdbcb9e14e0698788"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FC2DszLIjcHY5YeNeSllc5C4Zg%2FrwWpw7b53hJZcCobPSg8LD3pRIXZFK7D4U3H5dLPruQO6qi6hcLxPHzv4%2BdCem6eK7QH4KAXOQ1OVu9ZhWy2bvuPhmQ%2BGiXefVuC%2Fb54oplxfvz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218b31e5c-FRA
3105.d6e00ff8e93a442df385.js
static.fundraiseup.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3105.d6e00ff8e93a442df385.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cc4700b8677a899840ce32bc6c1b5d5405e5d7f2e14a338ed95e4fe40a2bb96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZNQQPSMTRD99DH
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4avKNXqDb1vdyvKMMzQ+mhcq9WCZCNwuAKC1jCPkEXwBLu6xWzElYmvW2fVySgRwbLD0KbI6UVs=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"36ea0ba3a6b621751333520ee8fd1f70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JB%2FNXdLZGUICkmrySRDpkFIVvvT5xE9Ey05cquL3SKo0fxKEaLRMNXIupJQlKBCqv8GGR0eZfYupKqWe4drwlc%2BwZ8ms%2FiOtxjnRnWyU%2FhEyqE4%2FNumGnLuwZ3ybjlh2Po0uS5Ffnfg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218b41e5c-FRA
3092.789e5f7657c128376286.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3092.789e5f7657c128376286.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e50d15896eb602b52225697467a0e13195cddd10423d86ccafc7598f8a6a6111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
880V2B8E4F8QJ7QP
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
XiduCIPMIU0v1Dy3pTEfZ91ZUS+6nTMSHxu3hv5Sb44/483c1zJBhCgjv5w3MbYfotm2YSC6EEk=
last-modified
Tue, 02 Jan 2024 08:46:52 GMT
server
cloudflare
etag
W/"d94f94636a66837a35470b946952786c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFbXTqGR2A%2B5yzkWOYw4ifSNpWDuYj35JHJMLWw5eyaQpHN29OY94TIqzEJPO6BkTSxG4L9Tv6KAF1jz4NhXQnkheS7eHO3B0Ft28bcrR89PiIojVwpU72XYfB4ZhOHdr4ykjj4dVtQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218b51e5c-FRA
9927.0b1e038f382f072de5e9.js
static.fundraiseup.com/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9927.0b1e038f382f072de5e9.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49e6f18090a8c3b811e5d7d50a1cd9e83272f1ecbea95624373950070500a90d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZJC81A0QK0HQKV
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
K3pCTqk4eoVVPO87Qn/talWA8rBLB9CmH4vIjdRmu9oDYdr1aJ4MLtlv3+/vGknf248JvbMU8iE=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"3a9bfdc394ebc7d6ad30abca79e6f251"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXWMU2M7Q9TQhH7J5JKCDrOSfsP17cBr6KbI%2BPhHMSFacMAYHWYlyNVGU06mMOiM7e4qzK%2Bn7BR6o%2F75p4zBzv%2BRSEFqjLClmsvEN2HB49G1Nh2M%2Ffxjb7j4gXBI5Zv4IouirEacRKo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218b71e5c-FRA
7730.aaad688a89216a2cc75a.js
static.fundraiseup.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7730.aaad688a89216a2cc75a.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276867c5c3ce0b2f35e900e8e9c73fa7dc25a53802bb365f2d20642fd253f79c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZMK6VRN4FG2A57
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
1Yisy2XbUiNznt+ORXA2Fab+zBmHfyui24DzhfyqAj3fWV92hxb2kmNYVM5HBkXANo4K1PhU72Q=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"641661c170adba24f7e5f887e0ee88bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7VGwm5R0P9LljWEiRT5BTcqt3BKINa2B9w%2BntjPCDkmpr7XATz1lKc9uTpMxXJoQqErJSntUmb7vArFSfbgVaUy0wPpG47CzdgQVRUE7lI1yglUqnTh%2FYpMCfc10Sx80kr1cE3aQ8o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218b81e5c-FRA
8598.d58b9cdb2bccb5cd9149.js
static.fundraiseup.com/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8598.d58b9cdb2bccb5cd9149.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46de8ce43bbbc4282b65b9805f4f7c462f812ce23b615379b468beb09a989a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZNFA0GW2GF59CY
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/NUB8dpLt9Z1mgaitjFsV1wCPuuDKoZjMssNia5vBvHn8EXAreKTi7uu4Sw5r6mgIHFmTMOdkbI=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"854d674b89e3d93f020393ce69f5a7fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zutbqCCoeRoqxpCIhEoHPFfnr8eLR4UsYKiegKObiUFRuLZlPGKE8ynQkE6MDCDGNzwFGr%2FvdOCetIeonKU77OXH9olQdDZ2g66%2FkrF9UWPrjh9bH5TVM0BvWU0tKlBm%2BZkAxz3CSQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218b91e5c-FRA
3313.8bb649db75fb9f932d94.js
static.fundraiseup.com/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3313.8bb649db75fb9f932d94.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b21363e68e52f1ba52f2f292a183e39f00372c248ecfaf0c5c1fa671ff46a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8XGEDY3B93NA6F
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
POXRl1QV5/QniJH0uu+gMOVtewNt33siC8qC1xZQAKX1/sb2U1vowsxyAOjkrffaESdeXHDrORA=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"85d22b265ca08373504a09621adb500c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnwQlXIKOg61Pvler4HOHB7He9VYwtvBH%2FpuZS53KHflZbjdGlthdi%2BwRwkg5cL6ILPCxnifZAeu%2FMIX%2BYnBNK%2BJNnixkRHpa6iLlX4tpgM7tA1HWiYvvUqt5zSj2SSpSwD8Yu5o6zU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218bb1e5c-FRA
617.b191c125d86fae215d94.js
static.fundraiseup.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/617.b191c125d86fae215d94.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc3a41aaf9de8dcdbb1aa7c552942868390ff131f4ae48acd79df9d5a7ff996f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Y0JQ7M44MK2F5G3K
age
1654431
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
sbvPQNx3tjvZWNsaUt29Vd0ibgdMSR1/3NgQejhntrwmn1eY7Pk2LyYXKckEiuqogIJW0GOzINs=
last-modified
Thu, 14 Dec 2023 10:21:52 GMT
server
cloudflare
etag
W/"9d235534a9b590256d5f9f919849f1c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ar6hPmHUavkWnjbtRlDWM0EMtmw%2BXfyQnVMHEXaFgPlApRZxxT3HdKdXS%2BPoJTlPT68MYSFaA3%2FG51XZtJaINW7XixB9zd7X75cLIU%2FD2P%2Bx1sWIlPfTNyqrUX%2FgnrUeh2XNRhrC14s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218bc1e5c-FRA
3755.885174add6f9f35ea1cc.js
static.fundraiseup.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3755.885174add6f9f35ea1cc.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32c2ce3fc3f9f303fb23219d570a67d0c55951c3f6c81b25e440ba6fb68e60d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZS4XA7ZKX3QKJ9
age
18516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
nOXmF2ERRiU4InW8aG2ToSkgRiKGZKzzXmRWv5UamummPp8ciDs+T+nWP0jmvuC9GDiZ6Y2Clhs=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"6332e5261fb5e132c86e8e991694cf7e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOwzJ2ZSsXDGf8wbJF2VGn2NuPaGtipZwKPti5wnPVQZ12CYGszzUJJ0mQA5u2tjjG9yGumJGHRopHl6q%2FdKXW23y%2F%2B1hGNOJQfG80tYccTlbb7bxv2iaw5hCSbbz62acNQxjy17Kqo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f398d218bd1e5c-FRA
/
ucarecdn.com/36e1897c-937c-4cc1-9c7d-220d75cd62d0/-/resize/x50/-/format/auto/ Frame 9F42 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ucarecdn.com/36e1897c-937c-4cc1-9c7d-220d75cd62d0/-/resize/x50/-/format/auto/
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
47a019a4a25f09f59e801a8b3d77f63a3a975a4c763f8430defa7987e14d7d64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
x-image-width
50
server
Uploadcare
etag
"5f0f074f24722ebb2e429bbb349da7d7"
vary
accept
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31495110
content-disposition
inline
x-image-height
50
content-length
1937
csp-report
q.stripe.com/ Frame C498 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747184255
x-envoy-upstream-service-time
6
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747182587
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 2A79 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
90
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:26 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
96
x-content-type-options
nosniff
x-request-id
06bc44f5-0e44-4604-9bd8-a56f0baaecd6
x-served-by
cache-fra-etou8220106-FRA
x-timer
S1704204747.588418,VS0,VE0
inner.html
m.stripe.network/ Frame C468 		930 B
636 B 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
90
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:26 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
97
x-content-type-options
nosniff
x-request-id
5117c8d1-1947-4c47-a16e-c8dbb54e1795
x-served-by
cache-fra-etou8220106-FRA
x-timer
S1704204747.601443,VS0,VE0
csp-report
q.stripe.com/ Frame 052C 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747184770
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747184055
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
sid
mug.criteo.com/ Frame 3D56
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=www.marchofdimes.org&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=s964iHxTREpnRXpCSWN6T1I2RnRGSmtMbWlJY1RKKzZpeTE2aHhUYzJNWDA4R3FzTXlGR2RVRG9jMmR0dFI1Qjk1NWJLYzIwelFHWXFRRjF5WG5CS1BJZ1lhS3dnRkRreFJia2VPUDZNQm9ja2ZQLzFhSWs1TTB2bEtBdm...
441 B
666 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=s964iHxTREpnRXpCSWN6T1I2RnRGSmtMbWlJY1RKKzZpeTE2aHhUYzJNWDA4R3FzTXlGR2RVRG9jMmR0dFI1Qjk1NWJLYzIwelFHWXFRRjF5WG5CS1BJZ1lhS3dnRkRreFJia2VPUDZNQm9ja2ZQLzFhSWs1TTB2bEtBdmlsa2lqb1RqYm5ZcGlxYXdqOXZScUF3eXBaTVRCQjRhSHlOZWx1UUdIMk93TG02OWVtRjBNWU5ZbTdha2dhSnl4Ti95aTIrOU02NmtZR1dobjk5NGViSlI5cTZyZDNZK1FNbTlac3d4MjVvM3gvSFRtMStTWTNQTjAxSWNSR1pDMUdobFhXREZRMVdwMTFxcmdmT1pxeTBqaFg0TEhMSVlLV2Z3VHFuaUdLQjdpZTdVeEo0M01lRTJRblR3YzZacmVnVFl0OUhrK21nb1UzT0FER3padzZwS3FxNG9SZ0E9PXw&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
953f9b32c98ddd81c39d60ec73e011f9ec606f84eca290d929e0870b0c40f4c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1105982
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=s964iHxTREpnRXpCSWN6T1I2RnRGSmtMbWlJY1RKKzZpeTE2aHhUYzJNWDA4R3FzTXlGR2RVRG9jMmR0dFI1Qjk1NWJLYzIwelFHWXFRRjF5WG5CS1BJZ1lhS3dnRkRreFJia2VPUDZNQm9ja2ZQLzFhSWs1TTB2bEtBdmlsa2lqb1RqYm5ZcGlxYXdqOXZScUF3eXBaTVRCQjRhSHlOZWx1UUdIMk93TG02OWVtRjBNWU5ZbTdha2dhSnl4Ti95aTIrOU02NmtZR1dobjk5NGViSlI5cTZyZDNZK1FNbTlac3d4MjVvM3gvSFRtMStTWTNQTjAxSWNSR1pDMUdobFhXREZRMVdwMTFxcmdmT1pxeTBqaFg0TEhMSVlLV2Z3VHFuaUdLQjdpZTdVeEo0M01lRTJRblR3YzZacmVnVFl0OUhrK21nb1UzT0FER3padzZwS3FxNG9SZ0E9PXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
284104
content-length
0
expires
0
act
analytics.tiktok.com/api/v2/pixel/ 		0
697 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.120.77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-120-77.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
407d4198
date
Tue, 02 Jan 2024 14:12:26 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240102141226CBA64B3D062F8E51EA38-0C3010FE0A1949D6-00
x-cache
TCP_MISS from a2-19-119-77.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing
inner; dur=26, cdn-cache; desc=MISS, edge; dur=7, origin; dur=121
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240102141226CBA64B3D062F8E51EA38
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
123,2.19.119.77
x-tt-trace-host
01eadde68ca92b531abb75c2e751716c3b19d195300cab2c17de0e7a3ecc1495d3641bd76ac1824d61d735dc0c5e5f9a6d183e096db9ed490f8a84322faf21fa1f37793ecc4705d334d02210fb92a9cef65fb656cd93ec2b0ed3572557452c9ccf
access-control-allow-headers
Authorization,*
expires
Tue, 02 Jan 2024 14:12:26 GMT
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame 9F42 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4XNGNJKF2Y4B544T
age
1059243
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56460
x-amz-id-2
zbAQlh/zIKk3a0CskolCssfW+JxwLuIWNqNKmhTqSN01RrO2ZXqM8tpZvZPbwK5YqTwCeodOZPQ=
last-modified
Thu, 14 Dec 2023 13:16:28 GMT
server
cloudflare
etag
"cc65a7d46bec1bcadfd3a27d571765f5"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USmOJUkX7zMuVFqYjGHPn5QD0QZfe4xJxioUqT1E43KyX1TjWDD%2BRhPxubFwp7TYnwSS7ULDb9lxtAAD7nDxLDad29yjy2RXfkiKPDPF6FVVA4qsMClJCB%2BO4tYNaW%2F7grz95FfxwMQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f398d2ab253611-FRA
.deploy_status_henson.json
js.stripe.com/v3/ Frame C498 		474 B
612 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
17
x-cache
HIT
content-length
296
x-request-id
84183d4d-6200-4d17-9796-78eb5eb25609
x-served-by
cache-fra-etou8220061-FRA
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Fastly
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
15
.deploy_status_henson.json
js.stripe.com/v3/ Frame C498 		474 B
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
17
x-cache
HIT
content-length
296
x-request-id
e8ed7776-7360-493f-9915-e2f88633583d
x-served-by
cache-fra-etou8220061-FRA
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Fastly
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
16
pptm.js
www.paypal.com/tagmanager/ Frame 9F42 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.marchofdimes.org&t=xo&v=5.0.416&source=payments_sdk&mrid=QC6F4C27ZTBFE&client_id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&disableSetCookie=true&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=QC6F4C27ZTBFE&currency=USD&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5b17a420163b181948e21b8a69880c8f8098f369084006bfa920b62194ff3c81
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-pCgVJZe6x60Pu5oN1W2d6fUEFCC5C5Ayvc3mcueBMcsm12pQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-pCgVJZe6x60Pu5oN1W2d6fUEFCC5C5Ayvc3mcueBMcsm12pQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
63491
x-cache
HIT, MISS
paypal-debug-id
f5696235c4423
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4778
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230116-FRA, cache-fra-eddf8230116-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f5696235c4423-a4a84418f06c25b8-01
x-timer
S1704204747.725436,VS0,VE6
etag
W/"3673-CDYthXayTPHyhbZkx+ebL7PTxgs"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1, 0
event
ad.ipredictive.com/d/track/ Frame E178 		0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/track/event?upid=107549&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&val=&tn=7277650409016&cache_buster=[timestamp]&ps=2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.161.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-161-34.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:12:26 GMT
Connection
keep-alive
X-CI-RTID
79bf6357-d755-415c-a56c-175f267c0b27
Content-Length
0
p
e.acuityplatform.com/ Frame E178 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.acuityplatform.com/p?pk=9020304230610356278&pg=26254
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.59.122.94 Schiphol, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
Pixels
px.adentifi.com/ Frame E178 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adentifi.com/Pixels?a_id=3405;uq=176455013;
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.44.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-72-44-44-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
ld.js
dynamic.criteo.com/js/ld/ Frame E178 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=81237
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
abca992fa4e621e1b432acbd7111a6c3561a508229e1ae32873531feb1d24a17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref...
adservice.google.com/ddm/fls/z/ Frame E178 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-report
q.stripe.com/ Frame 2A79 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747185288
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1704204747184169
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 2A79 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:12:26 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
274
x-cache
HIT
content-length
15509
x-request-id
ed49c7d5-4ec6-4fc3-9eed-bc11e615f26f
x-served-by
cache-fra-etou8220106-FRA
server
Fastly
x-timer
S1704204747.773332,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
265
csp-report
q.stripe.com/ Frame C468 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747182941
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1704204747182552
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame C468 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:12:26 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
274
x-cache
HIT
content-length
15509
x-request-id
cf29830a-4b6b-4a7f-a055-407215aa6c46
x-served-by
cache-fra-etou8220106-FRA
server
Fastly
x-timer
S1704204747.773817,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
266
events.js
tags.srv.stackadapt.com/ Frame E178 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
50db2a9aad8e33d5b048ace1dcc65f67f698d6fd0cb35f42dae7088019d957ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:12:26 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
bat.js
bat.bing.com/ Frame E178 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:12:25 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FF9D4458A9654994B4B4387998160288 Ref B: FRAEDGE1916 Ref C: 2024-01-02T14:12:26Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
quant.js
secure.quantserve.com/ Frame E178 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:12:26 GMT
fbevents.js
connect.facebook.net/en_US/ Frame E178 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:12:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
8DA78j3pHQjJhbx82v1+4V1JSsYPnjPnRO1x3JMBmuOirJ+CulHhHc3+PFD619L+UvKfjPPop+5JvzeI6rl76g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame 052C 		474 B
371 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
17
x-cache
HIT
content-length
296
x-request-id
95797df2-67c5-4723-9652-eb571a777fe8
x-served-by
cache-fra-etou8220061-FRA
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Fastly
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
17
.deploy_status_henson.json
js.stripe.com/v3/ Frame 052C 		474 B
371 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
17
x-cache
HIT
content-length
296
x-request-id
b6e5dba4-1673-4b3c-b9ed-4cabbc361839
x-served-by
cache-fra-etou8220061-FRA
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Fastly
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
18
logger
www.paypal.com/xoplatform/logger/api/ Frame 9F42 		994 B
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=QC6F4C27ZTBFE&currency=USD&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
72dc9df0c7e98313a61f28b2ff1a5d8a00910092fd9a033367df9760d1831096
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f77025865ec25
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-etou8220022-FRA, cache-fra-etou8220022-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f77025865ec25-5532252cfecfa75c-01
x-timer
S1704204747.162223,VS0,VE185
etag
W/"3e2-2vxp+WNohmd94WUTgJCr1fz3+/A"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.marchofdimes.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.marchofdimes.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.marchofdimes.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Tue, 02 Jan 2024 14:12:27 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f77025828a5a0
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f77025828a5a0-32d6565b7dc804e4-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220022-FRA, cache-fra-etou8220022-FRA
x-timer
S1704204747.927908,VS0,VE205
controller-a8db3be7204dff5e963b6f0fd5121b28.html
js.stripe.com/v3/ Frame C81C 		325 B
874 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
61
cache-control
max-age=60
content-encoding
br
content-length
189
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:26 GMT
etag
"a8db3be7204dff5e963b6f0fd5121b28"
last-modified
Fri, 22 Dec 2023 21:08:02 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
5
x-content-type-options
nosniff
x-request-id
151593e8-0240-4cb2-bc9f-f32b60cb54c7
x-served-by
cache-fra-etou8220106-FRA
elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
js.stripe.com/v3/ Frame 5BAD 		798 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
925304
cache-control
max-age=31536000
content-encoding
br
content-length
362
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:26 GMT
etag
"74c94b12a3c991276d75d7e7135461e8"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
15893
x-content-type-options
nosniff
x-request-id
c9699d43-bfe0-4917-96a9-3e663834b7f3
x-served-by
cache-fra-etou8220106-FRA
elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
js.stripe.com/v3/ Frame 4A71 		798 B
436 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
925304
cache-control
max-age=31536000
content-encoding
br
content-length
362
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:26 GMT
etag
"74c94b12a3c991276d75d7e7135461e8"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
15893
x-content-type-options
nosniff
x-request-id
dd59ef78-ef24-4cee-8d23-1ee244974eb2
x-served-by
cache-fra-etou8220106-FRA
elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
js.stripe.com/v3/ Frame FC17 		798 B
441 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
925304
cache-control
max-age=31536000
content-encoding
br
content-length
362
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:26 GMT
etag
"74c94b12a3c991276d75d7e7135461e8"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
15894
x-content-type-options
nosniff
x-request-id
c0e019c8-9467-49e7-a26c-77258f26135b
x-served-by
cache-fra-etou8220106-FRA
elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
js.stripe.com/v3/ Frame 9874 		820 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e7e7f216e2add2e5655784665bea48f8efed39c8be96c40782b3f0cf84df6bbf
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
924257
cache-control
max-age=31536000
content-encoding
br
content-length
370
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:26 GMT
etag
"5d9a311984498e026b1badc5a52d6bcb"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-content-type-options
nosniff
x-request-id
08966a98-7ce3-4625-a842-3725f2b5a307
x-served-by
cache-fra-etou8220106-FRA
elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
js.stripe.com/v3/ Frame 6D8F 		798 B
471 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7a5d1a8956ee3f319edea53bf11ba07988f8c6a0b6204633cee6a41b4b216127
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
924794
cache-control
max-age=31536000
content-encoding
br
content-length
361
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:26 GMT
etag
"a59168b21e202d878ed59c4fbe9405b6"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
16
x-content-type-options
nosniff
x-request-id
f18ffa73-7a02-4d73-bb30-e4fb71c1bbc0
x-served-by
cache-fra-etou8220106-FRA
b
r.stripe.com/ Frame C498 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747005274
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204747005071
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C498 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747005131
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204747004859
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C498 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747184912
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204747184223
access-control-allow-credentials
true
content-length
0
saq_pxl
tags.srv.stackadapt.com/ Frame 0414 		116 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=zFWBFWbS14YYtkU1aQYdUw&is_js=true&landing_url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E%3F&t=&tip=vEoBlHiPnZL6YnYuGIdpygSFsDNSrIdxLWWh0DC8FVs&host=https%3A%2F%2F8832015.fls.doubleclick.net&sa_conv_data_css_value=%270-ba7f4498-3756-524e-4f02-9ba5007993f1%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9ba7f44983756524e4f029ba5007993f1253a3af7&sa-user-id-v3=s%253AAQAKIO3-krvLSdAgYHrZfTOr1G636TIqkH2L2QIT4DHlvtPqEHwYBCDKs9CsBjABOgT90vuTQgQgtwqX.AoZycR9Lo%252BuJ6ifJY1yHOVMp94FZT%252B92J658CVGmPPw&sa-user-id-v2=s%253Aun9EmDdWUk5PApulAHmT8SU6Ovc.knP%252F%252Bcp2Nh9n06zVK5phrykVOhe93Jy89k0XlgTf%252Fyg&sa-user-id=s%253A0-ba7f4498-3756-524e-4f02-9ba5007993f1.ctXTiK3BYYO8irPITs5EvEDaKrtnoY%252FR2yOwOBz0HeI
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ae4ad442fdfac1ade543efd816459a6dfba4aeb6583e6e8cc17aee1dfacb65d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://8832015.fls.doubleclick.net
date
Tue, 02 Jan 2024 14:12:27 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
116
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
event
widget.us.criteo.com/ Frame 0414
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=JR22cV8xREZBV1BsV1owZmt5U0xnOXFMMDRYUFVhZUhEMXRXdFNCMUZVVVFGbVIzYnZPUm5ZZk9FWThlZ2syWmE3SGwwRW9NUTlsZzJBQVhWMTRCa2U1Q3NtNUx1bjRsSFJ3WTA0RHR0RXo3N1lRekplQ0JnR1FySGVKbGtWQjl2cXJoRlVNQUFpdFYwWFJkQ1N3WlExSHR4R2RrM0lLY0hzbHZPQXUlMkZiOGxJeEtQSSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=4a3d2d08-23ce-4e12-9b11-b18f4c056fbf&dtycbr=39328
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d39f145b7feb7e628cdfa928519e445055f49da5df66d75d7cf0c993045dc2b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
10880447
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-origin
*
location
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=JR22cV8xREZBV1BsV1owZmt5U0xnOXFMMDRYUFVhZUhEMXRXdFNCMUZVVVFGbVIzYnZPUm5ZZk9FWThlZ2syWmE3SGwwRW9NUTlsZzJBQVhWMTRCa2U1Q3NtNUx1bjRsSFJ3WTA0RHR0RXo3N1lRekplQ0JnR1FySGVKbGtWQjl2cXJoRlVNQUFpdFYwWFJkQ1N3WlExSHR4R2RrM0lLY0hzbHZPQXUlMkZiOGxJeEtQSSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=4a3d2d08-23ce-4e12-9b11-b18f4c056fbf&dtycbr=39328
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2951683
timing-allow-origin
*
content-length
0
expires
0
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame C81C 		531 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
925405
x-cache
HIT
content-length
132620
x-request-id
53978685-6053-4b5a-bb2c-5372c7e153ef
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Fastly
etag
"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
95444
controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
js.stripe.com/v3/fingerprinted/js/ Frame C81C 		688 KB
177 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
925405
x-cache
HIT
content-length
180909
x-request-id
4bc7e3be-7b0a-4c61-adaf-66d70d3ff7b6
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Fastly
etag
"5ce54273e9cefa73649bdfcbf46e58d4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4981
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 5BAD 		531 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
925405
x-cache
HIT
content-length
132620
x-request-id
626226de-9f1c-4550-b274-15679f9757d0
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Fastly
etag
"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
95443
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 5BAD 		404 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
925303
x-cache
HIT
content-length
115795
x-request-id
2373243a-6c7e-4d2c-bca9-17ce337bb1a4
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Fastly
etag
"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
17627
elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
js.stripe.com/v3/fingerprinted/js/ Frame 5BAD 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
1022073
x-cache
HIT
content-length
14483
x-request-id
58da62e0-df85-4bd3-bfe9-8f117ee91f96
x-served-by
cache-fra-etou8220106-FRA
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Fastly
etag
"b5688a01127f6b7ade6e2a5679b5b032"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
13254
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 5BAD 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
4793463
x-cache
HIT
content-length
3304
x-request-id
29b4c6bb-128a-485d-a999-7c291a320e2f
x-served-by
cache-fra-etou8220106-FRA
last-modified
Mon, 24 Jul 2023 20:23:04 GMT
server
Fastly
etag
"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
76994
elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
js.stripe.com/v3/fingerprinted/css/ Frame 5BAD 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
1270386
x-cache
HIT
content-length
2142
x-request-id
76559d9b-fbe9-456a-89c4-9d0b875af21f
x-served-by
cache-fra-etou8220106-FRA
last-modified
Mon, 18 Dec 2023 21:16:55 GMT
server
Fastly
etag
"8385166c06e8d209fc459b542697c4fb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
16513
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 4A71 		531 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
925405
x-cache
HIT
content-length
132620
x-request-id
4d4133f8-1c27-4c8d-8ed0-24ef53bb1f55
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Fastly
etag
"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
95442
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 4A71 		404 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
925303
x-cache
HIT
content-length
115795
x-request-id
c9d5d92f-4f13-4570-89b7-9a12e9e67f78
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Fastly
etag
"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
17628
elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
js.stripe.com/v3/fingerprinted/js/ Frame 4A71 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
1022073
x-cache
HIT
content-length
14483
x-request-id
74190b76-018d-4203-afd6-35c1e2558134
x-served-by
cache-fra-etou8220106-FRA
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Fastly
etag
"b5688a01127f6b7ade6e2a5679b5b032"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
13253
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 4A71 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
4793463
x-cache
HIT
content-length
3304
x-request-id
8e683273-a075-44ad-84c6-f10cc10c8661
x-served-by
cache-fra-etou8220106-FRA
last-modified
Mon, 24 Jul 2023 20:23:04 GMT
server
Fastly
etag
"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
76993
elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
js.stripe.com/v3/fingerprinted/css/ Frame 4A71 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
1270386
x-cache
HIT
content-length
2142
x-request-id
4773c372-7ad2-4e4d-8a0e-2f39623c996d
x-served-by
cache-fra-etou8220106-FRA
last-modified
Mon, 18 Dec 2023 21:16:55 GMT
server
Fastly
etag
"8385166c06e8d209fc459b542697c4fb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
16512
muse.js
www.paypalobjects.com/muse/ Frame 9F42 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=www.marchofdimes.org&t=xo&v=5.0.416&source=payments_sdk&mrid=QC6F4C27ZTBFE&client_id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&disableSetCookie=true&vault=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48DA) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
7d1e382a2bb48
dc
ccg11-origin-www-1.paypal.com
content-length
16488
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
server
ECAcc (ama/48DA)
traceparent
00-00000000000000000007d1e382a2bb48-25405d1f8922f231-01
etag
"64f25363-daa8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 02 Jan 2024 15:12:27 GMT
ts
t.paypal.com/ Frame 9F42 		42 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AQC6F4C27ZTBFE-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AQC6F4C27ZTBFE-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=427565ab-c1a8-42ab-b84a-a768c3a498ca&fltp=analytics&mrid=QC6F4C27ZTBFE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donation%20Widget&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1704204746910&g=-60&completeurl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&ru=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&disableSetCookie=true
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 02 Jan 2024 14:12:27 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
94c60ec0cf284
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230020-FRA
pragma
no-cache
correlation-id
94c60ec0cf284
traceparent
00-000000000000000000094c60ec0cf284-1c6cc3a76e1c478c-01
x-timer
S1704204747.156604,VS0,VE177
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 14:12:27 GMT
b
r.stripe.com/ Frame 052C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747185171
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204747184466
access-control-allow-credentials
true
content-length
0
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame FC17 		531 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
925405
x-cache
HIT
content-length
132620
x-request-id
6be80289-cd80-47eb-ac1f-f6f6cc4dc9c9
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Fastly
etag
"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
95445
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame FC17 		404 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
925303
x-cache
HIT
content-length
115795
x-request-id
752cdbc6-62a2-467f-8ff0-df06d8568917
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Fastly
etag
"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
17629
elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
js.stripe.com/v3/fingerprinted/js/ Frame FC17 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
1022073
x-cache
HIT
content-length
14483
x-request-id
3062525a-8f2c-4f78-b86b-b3aa7f932ac7
x-served-by
cache-fra-etou8220106-FRA
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Fastly
etag
"b5688a01127f6b7ade6e2a5679b5b032"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
13255
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame FC17 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
4793463
x-cache
HIT
content-length
3304
x-request-id
d00afc44-ab04-44ed-abb5-f3a6eec58f95
x-served-by
cache-fra-etou8220106-FRA
last-modified
Mon, 24 Jul 2023 20:23:04 GMT
server
Fastly
etag
"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
76995
elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
js.stripe.com/v3/fingerprinted/css/ Frame FC17 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
1270386
x-cache
HIT
content-length
2142
x-request-id
f0cfa7d6-674b-4289-8e5a-fd0d157ec66b
x-served-by
cache-fra-etou8220106-FRA
last-modified
Mon, 18 Dec 2023 21:16:55 GMT
server
Fastly
etag
"8385166c06e8d209fc459b542697c4fb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
16514
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 6D8F 		531 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
925405
x-cache
HIT
content-length
132620
x-request-id
0cd2cd9b-756c-4d37-8fda-00c29ed4ec02
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Fastly
etag
"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
95447
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 6D8F 		404 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
925303
x-cache
HIT
content-length
115795
x-request-id
0d9cb969-62ad-4c56-878b-b4abca9f1222
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Fastly
etag
"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
17631
elements-inner-iban-4ac6a58186cbdc786747a784d558aba4.js
js.stripe.com/v3/fingerprinted/js/ Frame 6D8F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-iban-4ac6a58186cbdc786747a784d558aba4.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f16ade3e5da5d485764a1d4ca2aa3f94f757b785195b04d391de88680adf76ea
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
1022050
x-cache
HIT
content-length
8016
x-request-id
0a8a2c6e-5bb9-4b76-83d4-55146f1a94ff
x-served-by
cache-fra-etou8220106-FRA
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Fastly
etag
"21b89b442b725a93ba30c1992c145c02"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
16
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 6D8F 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
4793463
x-cache
HIT
content-length
3304
x-request-id
fc84c0de-27f5-446c-a83c-9bcc80d88447
x-served-by
cache-fra-etou8220106-FRA
last-modified
Mon, 24 Jul 2023 20:23:04 GMT
server
Fastly
etag
"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
76997
elements-inner-iban-3e7da55d4a3877ba3c3a89df8f9b29bc.css
js.stripe.com/v3/fingerprinted/css/ Frame 6D8F 		485 B
357 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-iban-3e7da55d4a3877ba3c3a89df8f9b29bc.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
1ded1815d04f8d9199091223c6862c3942b4cf3cca05a58370bc3b6ce271fe10
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
2965063
x-cache
HIT
content-length
226
x-request-id
4a3cd0c6-7675-45ac-af17-7fef7fdaa439
x-served-by
cache-fra-etou8220106-FRA
last-modified
Tue, 03 Oct 2023 20:17:50 GMT
server
Fastly
etag
"f6ff2b5ca153d43c332b4e54c118e3d0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
15
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 9874 		531 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
925405
x-cache
HIT
content-length
132620
x-request-id
58ebbf99-9794-42a2-9f13-12943451298f
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Fastly
etag
"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
95446
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 9874 		404 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
925303
x-cache
HIT
content-length
115795
x-request-id
dd22f340-831f-44f2-aed1-9c90ecb85897
x-served-by
cache-fra-etou8220106-FRA
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Fastly
etag
"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
17631
elements-inner-au-bank-account-34c8ad6a1ca3f37a9e46b5abfb1b8555.js
js.stripe.com/v3/fingerprinted/js/ Frame 9874 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-au-bank-account-34c8ad6a1ca3f37a9e46b5abfb1b8555.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
2d414e5f00e69a14d9e552014d9f932df7c40b618b2904726170fb689ef8fe87
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
1011704
x-cache
HIT
content-length
6743
x-request-id
afa66faa-a6d8-4f4b-9e71-4412120a8d7b
x-served-by
cache-fra-etou8220106-FRA
last-modified
Thu, 21 Dec 2023 21:05:34 GMT
server
Fastly
etag
"b80aa36d0aa050d116b6c701597397d9"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 9874 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
4793463
x-cache
HIT
content-length
3304
x-request-id
bc529d67-1f33-4e5e-9163-1c55b2b0e472
x-served-by
cache-fra-etou8220106-FRA
last-modified
Mon, 24 Jul 2023 20:23:04 GMT
server
Fastly
etag
"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
76997
elements-inner-au-bank-account-e34451f632d458dc560a07f1f94a5e0a.css
js.stripe.com/v3/fingerprinted/css/ Frame 9874 		764 B
626 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-au-bank-account-e34451f632d458dc560a07f1f94a5e0a.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6ec65ff8562887c03245269b73d1ebb60f6f619d9bad49c6ce2c956e7a0826f4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 varnish
age
2376230
x-cache
HIT
content-length
306
x-request-id
22940aa2-fe91-4dcd-9da5-84346c79e472
x-served-by
cache-fra-etou8220106-FRA
last-modified
Mon, 02 Oct 2023 21:38:23 GMT
server
Fastly
etag
"0507b76e911911910d0e35f2024dd5c6"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
6
m.stripe.com/ Frame 2A79 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.143.252 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-143-252.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ba78a42c26ef8c9a2bcae61fbd1c16a11452c27b22ba6dbc59ea623bea5ed00a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747419990
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
4
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204747419715
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
25042596.js
bat.bing.com/p/action/ Frame E178 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25042596.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:12:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2565FEBFAAB24F1B88D942C3ED7D29BB Ref B: FRAEDGE1916 Ref C: 2024-01-02T14:12:26Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame E178 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25042596&Ver=2&mid=b265a6d3-1aa7-4429-81d5-455472aab9c3&sid=f4c103c0a97811ee8c995b5e3b6b77b7&vid=f4c13e50a97811ee84fce3bf2ef6c916&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.marchofdimes.org%2F&r=&lt=313&evt=pageLoad&ifm=1&sv=1&rn=978663
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:12:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 995D11EF63194D94AD815E12A1C4D07D Ref B: FRAEDGE1916 Ref C: 2024-01-02T14:12:26Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-report
q.stripe.com/ Frame C81C 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747185537
x-envoy-upstream-service-time
4
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747184591
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 5BAD 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747185243
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747184647
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 5BAD 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747185213
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747184669
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 4A71 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747186104
x-envoy-upstream-service-time
4
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747184736
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 4A71 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747185297
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747184943
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
6
m.stripe.com/ Frame C468 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.143.252 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-143-252.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
93c5227d4b92b60f8790c0a2324c492f61bbd60a39b73006e8297b3e8c0a15c9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747468769
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204747468355
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
token
api.fundraiseup.com/paymentSession/2868452210503758819/googlePay/ 		244 B
790 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.fundraiseup.com/paymentSession/2868452210503758819/googlePay/token?merchantOrigin=www.marchofdimes.org
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d8bc29adacb326bf54e884aed1210338f81a18db849a9405227d0ce686bc066
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
content-security-policy
frame-ancestors 'self' fundraiseup.com
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
x-response-time
90ms
pragma
no-cache
server
cloudflare
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.marchofdimes.org
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndefJemY7Fz%2BqkLImJkLX9uUD6SjcqeiplZUsLMgdfa14RlaVo4XDmTcB6d3vrswVKwAutpXRyhNVZgpCL35OH2zlqc1kOZEWgRYCkJrKYJxHiguTGbsOYz8GZvB8Cy2eHo5KZk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83f398d49c381e5c-FRA
expires
0
csp-report
q.stripe.com/ Frame FC17 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747185359
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747185054
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame FC17 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747185689
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747185056
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 6D8F 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747185512
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747185080
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 6D8F 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747186799
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747185152
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 9874 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747185814
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747185252
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 9874 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747186145
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747185288
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
event
widget.us.criteo.com/ Frame E178
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=JR22cV8xREZBV1BsV1owZmt5U0xnOXFMMDRYUFVhZUhEMXRXdFNCMUZVVVFGbVIzYnZPUm5ZZk9FWThlZ2syWmE3SGwwRW9NUTlsZzJBQVhWMTRCa2U1Q3NtNUx1bjRsSFJ3WTA0RHR0RXo3N1lRekplQ0JnR1FySGVKbGtWQjl2cXJoRlVNQUFpdFYwWFJkQ1N3WlExSHR4R2RrM0lLY0hzbHZPQXUlMkZiOGxJeEtQSSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=9f88dd97-fd64-4ffa-9288-dec5d001169a&dtycbr=21519
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2ef2c5006d77dd38e61d2203b12ef392c988f974642be48a54fc734c6a99136f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
14545744
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-origin
*
location
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=JR22cV8xREZBV1BsV1owZmt5U0xnOXFMMDRYUFVhZUhEMXRXdFNCMUZVVVFGbVIzYnZPUm5ZZk9FWThlZ2syWmE3SGwwRW9NUTlsZzJBQVhWMTRCa2U1Q3NtNUx1bjRsSFJ3WTA0RHR0RXo3N1lRekplQ0JnR1FySGVKbGtWQjl2cXJoRlVNQUFpdFYwWFJkQ1N3WlExSHR4R2RrM0lLY0hzbHZPQXUlMkZiOGxJeEtQSSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=9f88dd97-fd64-4ffa-9288-dec5d001169a&dtycbr=21519
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4950037
timing-allow-origin
*
content-length
0
expires
0
syncframe
gum.criteo.com/ Frame 5C53 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=81237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://8832015.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:12:26 GMT
server
Kestrel
server-processing-duration-in-ticks
758744
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sa.css
tags.srv.stackadapt.com/ Frame E178 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
259377c9eefef6dd16af878a4bd9003359ec839dbb67b28dccc53953d9d530ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ Frame E178 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
rules-p-uyn8UnTsRXguL.js
rules.quantcount.com/ Frame E178 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-uyn8UnTsRXguL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:5600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:33:09 GMT
content-encoding
gzip
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
2359
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:08:42 GMT
server
AmazonS3
etag
W/"b4a376a3ece8af98e7567e60db986dc9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
2I1GzCOiabBNy4k0e43duqAr1aQxrOrkHpr7JPLw0YJJXzVjqdrhpQ==
812396462484872
connect.facebook.net/signals/config/ Frame E178 		134 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/812396462484872?v=2.9.138&r=stable&domain=www.marchofdimes.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d30717f2e8dc64c231e7f24843ca4ba6c9076d5e838b08e4d6efc0ee66b9f9c6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:12:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35834
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
6VhvV+6MOjR9SfD8hq09bKVy53aGg0D29v0hXnsZkIixNTCvYjUfGcGGJc7Uqojkz3/23ZIQ7AxyWdBbFKapMw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
tb
fndrsp-checkout.net/ 		2 B
297 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp-checkout.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LP%2Ff5ai9eNv5wPUiy2pv%2FudInlvIuCqNfVqUJhzw9IT2WxZW3xgeKYWcSBbkXJNqXlrcQXAAf9ddv8RhCdTlwzs2JMuJy%2BBk3ghxYlBV%2BnCtC5zkO0qXscRMlB5%2BiyT2WAENs2Fr"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f398d50c8fbb4a-FRA
alt-svc
h3=":443"; ma=86400
pixels
c1.adform.net/imatch/ Frame C4B1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Requested by
Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=3179125&ADFdivider=%7C&ord=116332213209&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b9eb41bf7e413dc318aa1937cfd9b012bffe35a639cb41b78070f8af45166618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 14:12:27 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
a1.seadform.net/serving/cookie/sync/ 		35 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1.seadform.net/serving/cookie/sync/?uid=8888949933311824082&stamp=JhpL4g3KmuEDvP-67D9Y4w2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
sid
mug.criteo.com/ Frame 5C53
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=2&topUrl=www.marchofdimes.org&bundle=JR22cV8xREZBV1BsV1owZmt5U0xnOXFMMDRYUFVhZUhEMXRXdFNCMUZVV...
  • https://mug.criteo.com/sid?cpp=OMlHWXxYenRGYzYrM1JqWGd3cEFwRnR0Y3VOanY5ekpsYmE0S1I4OUtxRGxkRTV1akVBQWNoVmF0R1U3c0J2bnkvWE10MWIzS3g1WkNjdkJRU1ZjYUxObVBSWXFXT2xPalMzZjk0bEFqOTRyb0Y3L2Q2bGVwNm9YK1BrN3...
455 B
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=OMlHWXxYenRGYzYrM1JqWGd3cEFwRnR0Y3VOanY5ekpsYmE0S1I4OUtxRGxkRTV1akVBQWNoVmF0R1U3c0J2bnkvWE10MWIzS3g1WkNjdkJRU1ZjYUxObVBSWXFXT2xPalMzZjk0bEFqOTRyb0Y3L2Q2bGVwNm9YK1BrN3hpZ1RFb3lNKzlXTVVpelBEZnE4WEp5WFBTOXNCZG1qbjFaT3RIQzhkVFV3MURpbHd0b2JLTGl6aDBxZUxEUm9GdW9pc0ZYRllGTlpMZTJJMlpqZnVXK1ZZSnU3YzlXUXZ0ckNqTit0bGJZdGwyMWw1ZzN1WjhMNEZnVGc2aExyOVZXalhmMnNCaWZkL0M1SUNUOGtDejhOQ0Y5SHZwTjVHazg5d0RFcVRqYnZETUxPMDJFakU5dXgrZ3JFNGZtZ1MwUFpNWTE3WlR5eXdrbkJBa2pWbkFDdG9MSDFGbmc9PXw&cppv=2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c1d98bd93954fa54a8e61077fcb5eeef2324e6b31f3a85f2b25ea0e0673a6ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2221207
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=OMlHWXxYenRGYzYrM1JqWGd3cEFwRnR0Y3VOanY5ekpsYmE0S1I4OUtxRGxkRTV1akVBQWNoVmF0R1U3c0J2bnkvWE10MWIzS3g1WkNjdkJRU1ZjYUxObVBSWXFXT2xPalMzZjk0bEFqOTRyb0Y3L2Q2bGVwNm9YK1BrN3hpZ1RFb3lNKzlXTVVpelBEZnE4WEp5WFBTOXNCZG1qbjFaT3RIQzhkVFV3MURpbHd0b2JLTGl6aDBxZUxEUm9GdW9pc0ZYRllGTlpMZTJJMlpqZnVXK1ZZSnU3YzlXUXZ0ckNqTit0bGJZdGwyMWw1ZzN1WjhMNEZnVGc2aExyOVZXalhmMnNCaWZkL0M1SUNUOGtDejhOQ0Y5SHZwTjVHazg5d0RFcVRqYnZETUxPMDJFakU5dXgrZ3JFNGZtZ1MwUFpNWTE3WlR5eXdrbkJBa2pWbkFDdG9MSDFGbmc9PXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
344576
content-length
0
expires
0
pixel;r=386073076;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMe8q7TxvoMDFf_OOwIdPaAAfw%3Bsrc%3D8832015%3Btype%3Drt%...
pixel.quantserve.com/ Frame E178 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=386073076;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMe8q7TxvoMDFf_OOwIdPaAAfw%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D7277650409016%3Bauiddc%3D544842920.1704204746%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma%3D0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253DFUNKSBQFLQE%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E%3F;ref=https%3A%2F%2Fwww.marchofdimes.org%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-1150735918-1704204746241;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=8832015.fls.doubleclick.net;dst=1;et=1704204747049;tzo=-60;ogl=;ses=2b1064ff-8474-4c87-80a9-c0f6784613fd;mdl=
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame 5EDC 		55 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B6) /
Resource Hash
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16892
content-type
text/html
date
Tue, 02 Jan 2024 14:12:27 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64f25363-dacc"
expires
Tue, 02 Jan 2024 15:12:27 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
0c17123d9a14a
server
ECAcc (ama/48B6)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-00000000000000000000c17123d9a14a-d70a49df8ada56c7-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
/
www.facebook.com/tr/ Frame E178 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=812396462484872&ev=PageView&dl=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMe8q7TxvoMDFf_OOwIdPaAAfw%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D7277650409016%3Bauiddc%3D544842920.1704204746%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma%3D0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253DFUNKSBQFLQE%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E%3F&rl=https%3A%2F%2Fwww.marchofdimes.org%2F&if=true&ts=1704204747061&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=other&it=1704204747000&coo=false&rqm=GET
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CMe8q7TxvoMDFf_OOwIdPaAAfw;src=8832015;type=rt;cat=donforms;ord=7277650409016;auiddc=544842920.1704204746;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 14:12:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
px.ads.linkedin.com/wa/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:12:26 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F11BB506299746B3909D42C0782A675F Ref B: FRAEDGE1405 Ref C: 2024-01-02T14:12:27Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://www.marchofdimes.org
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYN9xaUGbQ+6cMmJTpaVw==
noop.js
www.paypalobjects.com/muse/ Frame 5EDC 		18 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/noop.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (daa/7D8C) /
Resource Hash
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypalobjects.com/muse/analytics/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
paypal-debug-id
073cc2ac6c926
dc
ccg11-origin-www-1.paypal.com
content-length
18
last-modified
Sat, 13 Feb 2021 00:26:56 GMT
server
ECAcc (daa/7D8C)
traceparent
00-0000000000000000000073cc2ac6c926-d4e0db42f9453a3d-01
etag
"60271cd0-12"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 02 Jan 2024 14:12:26 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame 5BAD 		474 B
394 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
17
x-cache
HIT
content-length
296
x-request-id
62edf884-a336-4767-b962-46770af04e96
x-served-by
cache-fra-etou8220061-FRA
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Fastly
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
19
ts
t.paypal.com/ Frame 9F42 		42 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AQC6F4C27ZTBFE-1&page=muse%3Aoffer%3A%3A%3AQC6F4C27ZTBFE-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=427565ab-c1a8-42ab-b84a-a768c3a498ca&es=visitorInfoFlowStarted&mrid=QC6F4C27ZTBFE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donation%20Widget&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1704204747149&g=-60&completeurl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&disableSetCookie=true
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 02 Jan 2024 14:12:27 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
bf33009c08e75
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230020-FRA
pragma
no-cache
correlation-id
bf33009c08e75
traceparent
00-0000000000000000000bf33009c08e75-ed936fe4cd054b01-01
x-timer
S1704204747.160980,VS0,VE166
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 14:12:27 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame C81C 		474 B
371 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
17
x-cache
HIT
content-length
296
x-request-id
68eff744-99fc-4aa0-945a-4d20d0709670
x-served-by
cache-fra-etou8220061-FRA
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Fastly
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
20
.deploy_status_henson.json
js.stripe.com/v3/ Frame C81C 		474 B
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
17
x-cache
HIT
content-length
296
x-request-id
73413856-44f9-4aba-a961-f9676f32fd8b
x-served-by
cache-fra-etou8220061-FRA
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Fastly
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
21
.deploy_status_henson.json
js.stripe.com/v3/ Frame 4A71 		474 B
371 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
17
x-cache
HIT
content-length
296
x-request-id
e479997b-f598-4e4d-a85d-8aeaae6e4f03
x-served-by
cache-fra-etou8220061-FRA
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Fastly
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
22
plf
c1.adform.net/imatch/ Frame C4B1 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plff
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
match
ad.360yield.com/ Frame C4B1 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=8888949933311824082&Expiration=1705414406
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.48.216.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-216-154.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:12:27 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
ad.yieldlab.net/ Frame C4B1 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=4879&ext_id=8888949933311824082
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:12:27 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 01 Jan 2024 14:12:27 GMT
token
token.rubiconproject.com/ Frame C4B1 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=5232&puid=8888949933311824082
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tpui
ih.adscale.de/adscale-ih/ Frame C4B1 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=8888949933311824082&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.8.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-8-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame C4B1 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=8888949933311824082&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
164.132.25.185 , France, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-164-132-25.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
transfer-encoding
chunked
content-type
image/gif
user-registering
ads.stickyadstv.com/ Frame C4B1 		43 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=8888949933311824082
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:4::25 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:12:27 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1704204747222095-550
sync
x.bidswitch.net/ Frame C4B1 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=8888949933311824082
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.206.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-206-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame C4B1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8888949933311824082&expiration=1705414406
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8888949933311824082&expiration=1705414406&C=1
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8888949933311824082&expiration=1705414406&C=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StzWr%2F5wKWIap7Z9Io9HIiPrDwrBc23GBpWGxIMtzsoU%2BN5Q206y734%2BnP9Sk533BxvsOYQssbFknrvZUsF8hK59r4MPM3N8ecKrEcV36%2FeYg%2Bal9%2FluuPkN2wDMhPnpEjyesA6AJ6jQpg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83f398d6da2c927a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qe%2BgsEhaPG0XlFkOPPmUpEG4utJkZiFCsHSGBL1LXAI64bz3mslgB%2FXlGoaUyL9WiMqA6pHCGGjhfj6Z9YSpsYJPqjQkZupQfc9889dyQblLEFHv2W3ZajFjnrXOvhYln8ZDNI2c3qqh1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=111&external_user_id=8888949933311824082&expiration=1705414406&C=1
cache-control
no-cache
cf-ray
83f398d699e8927a-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
12092831
se.semasio.net/sync/1/ Frame C4B1
Redirect Chain
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=8888949933311824082&sInitiator=external
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=8888949933311824082&sInitiator=external
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=8888949933311824082&gdpr=&sInitiator=external
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/647471?sExtCookieId=7319503654076086417&sInitiator=internal&gdpr=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=7929666645488120199&sInitiator=internal&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=Rjc4NDBDRjlGQTVFRjQ&gdpr=
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESENmskxzAjJcufDEwvkjwoPs&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESENmskxzAjJcufDEwvkjwoPs&sInitiator=internal&google_cver=1&gdpr=
0
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESENmskxzAjJcufDEwvkjwoPs&sInitiator=internal&google_cver=1&gdpr=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:37 GMT
uip-status
Ok
frontend-id
03
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:37 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESENmskxzAjJcufDEwvkjwoPs&sInitiator=internal&google_cver=1&gdpr=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
match
ps.eyeota.net/ Frame C4B1 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=8888949933311824082&bid=9gdtmu1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:12:27 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
/
loadm.exelator.com/load/ Frame C4B1 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8888949933311824082
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:28 GMT
server
nginx
server-timing
total;dur=1.000
etag
"60ec6d76-0"
398366.gif
idsync.rlcdn.com/ Frame C4B1 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/398366.gif?partner_uid=8888949933311824082
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=8888949933311824082/gdpr=/ Frame C4B1 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=8888949933311824082/gdpr=/gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.183.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-183-118.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.49
content-length
49
expires
0
29729
tags.bluekai.com/site/ Frame C4B1 		62 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29729?id=8888949933311824082
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 02 Jan 2024 14:12:27 GMT
content-length
62
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame C4B1 		43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8888949933311824082
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame C4B1
Redirect Chain
  • https://api.adrtx.net/thirdparty/click?p=adfo
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
35 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
HTTP/1.1
Server
52.218.112.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:12:28 GMT
Last-Modified
Thu, 29 Oct 2015 16:41:57 GMT
Server
AmazonS3
x-amz-request-id
5PNVT8HV9C6QB128
ETag
"c2196de8ba412c60c22ab491af7b1409"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
35
x-amz-id-2
p+hVfh+FBon8jiGy3g4o0DoNk6S0SPTDdecNWRjA/J6lQPfkUzCsCKhPcdCUM4zk4vUhDgyEXlM=

Redirect headers

X-Error-Reason
Missing UserId
Date
Tue, 02 Jan 2024 14:12:26 GMT
Server
akka-http/10.2.10
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
137
/
ads.smartstream.tv/cm/ Frame C4B1
Redirect Chain
  • https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=8888949933311824082
  • https://tags.adsafety.net/v1/cm?cm_uid=CM12024010214cbb7062ccc4f8a87c7e&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
  • https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=48a4a8ed354f9705295660e67aa3d1f3
  • https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12024010214cbb7062ccc4f8a87c7e&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
0
0
usermatch.gif
beacon.krxd.net/ Frame C4B1 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=8888949933311824082
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.91.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n007-dub-prod.krxd.net
date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1704204747
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
c1.adform.net/serving/cookie/match/ Frame C4B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=ODg4ODk0OTkzMzMxMTgyNDA4Mg
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEActjPKXoP4C6o5iM9ES68g&google_cver=1&google_ula=1641347,0
35 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEActjPKXoP4C6o5iM9ES68g&google_cver=1&google_ula=1641347,0
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEActjPKXoP4C6o5iM9ES68g&google_cver=1&google_ula=1641347,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
plf
c1.adform.net/imatch/ Frame C4B1 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plfm
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
setuid
secure.adnxs.com/ Frame C4B1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
  • https://c1.adform.net/serving/cookie/match?party=3&id=7929666645488120199&redirect=1
  • https://secure.adnxs.com/setuid?entity=91&code=8888949933311824082
43 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=91&code=8888949933311824082
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
an-x-request-uuid
302fe040-d058-457b-ba14-a2dcbad74b8d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.58.58.247; 37.58.58.247; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://secure.adnxs.com/setuid?entity=91&code=8888949933311824082
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame C4B1 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8888949933311824082
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:26 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
pdw-adf.userreport.com/ Frame C4B1 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdw-adf.userreport.com/cs
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-113.fra56.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:12:27 GMT
Via
1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.22.0
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
UF4mbU93zRrJMym_9W6j1a707JDVLH5eeverOry8JXJoYSThtViScQ==
p
a.audrte.com/ Frame C4B1
Redirect Chain
  • https://a.audrte.com/a?adform_uid=8888949933311824082
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmNiOHFwNGU0d3ZUdnk3YU1aSjRWSXBIQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
HTTP/1.1
Server
34.243.165.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-165-208.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:12:27 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 02 Jan 2024 14:12:27 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
c1.adform.net/serving/cookie/ Frame C4B1
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=8888949933311824082&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=20231972238052069120584754700750723200&noredirect=1
35 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1007&cid=20231972238052069120584754700750723200&noredirect=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

dcs
dcs-prod-irl1-1-v054-0d3e12a4c.edge-irl1.demdex.com 10 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
rn8QwbO8Rsc=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://c1.adform.net/serving/cookie/match?party=1007&cid=20231972238052069120584754700750723200&noredirect=1
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
dmp.adform.net/serving/cookie/match/ Frame C4B1
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=8888949933311824082
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219573204749002743594
35 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219573204749002743594
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219573204749002743594
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
/
dmp.adform.net/serving/cookie/match/ Frame C4B1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319503654076086417
35 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319503654076086417
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Location
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319503654076086417
Date
Tue, 02 Jan 2024 14:12:27 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
33302
tags.bluekai.com/site/ Frame C4B1 		62 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33302?id=8888949933311824082
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 02 Jan 2024 14:12:27 GMT
content-length
62
content-type
image/gif
match
c1.adform.net/serving/cookie/ Frame C4B1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=TLIn4kzc1RkFvl5
35 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1084&cid=TLIn4kzc1RkFvl5
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:12:27 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://c1.adform.net/serving/cookie/match?party=1084&cid=TLIn4kzc1RkFvl5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame C4B1 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
server
Kestrel
content-length
70
content-type
image/gif
image.sbmx
global.ib-ibi.com/ Frame C4B1 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=8888949933311824082
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_128_CBC
Server
216.46.185.182 Highlands Ranch, United States, ASN13649 (ASN-FLEXENTIAL, US),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP
0.gif
id5-sync.com/s/10/ Frame C4B1 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/10/0.gif?puid=8888949933311824082
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
dmp.adform.net/serving/cookie/match/ Frame C4B1
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1206311336
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=zj4Z5Z/4W6y/4buodySlYu
35 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=zj4Z5Z/4W6y/4buodySlYu
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
via
1.1 google
last-modified
Tue, 02 Jan 2024 14:12:27 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=zj4Z5Z/4W6y/4buodySlYu
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
um
sync.teads.tv/ Frame C4B1 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=119&uid=8888949933311824082
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 02 Jan 2024 14:12:27 GMT
pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
/
s.ad.smaato.net/c/ Frame C4B1 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=8888949933311824082
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:1600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
no-cache, must-revalidate
via
1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
n3xUfZNXrMQT8SvxXUPb0Ll3gTQlvvWW-LTVjX542ky7DjbsnltScA==
x-cache
Miss from cloudfront
8888949933311824082
match.contentexchange.me/adform/ Frame C4B1 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.contentexchange.me/adform/8888949933311824082?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
ilog.vsn.si
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
content-length
0
server
nginx/1.16.1
xuid
eb2.3lift.com/ Frame C4B1 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7354&xuid=8888949933311824082&dongle=AD20
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
put
e1.emxdgt.com/ Frame C4B1 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d52&uid=8888949933311824082
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.235.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-235-147.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
server
awselb/2.0
plf
c1.adform.net/imatch/ Frame C4B1 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plfl
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=8888949933311824082&agencyId=9068&advertiserId=2177609&src=tp&rnd=547323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je3bt0v894839724z8894218235&_p=1704204745664&gcd=11l1l1l1l1&dma=0&cid=1837972625.1704204746&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1704204745&sct=1&seg=0&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&dt=Donate%20Now%20%7C%20March%20of%20Dimes&en=Fundraise%20Up%20Checkout%20Open&ep.CampaignID=FUNKSBQFLQE&ep.CampaignCode=GGGEOYWB2312CG0012G6DN5&ep.CampaignName=2023%20End%20of%20Year%20Donate%20Now&ep.IsLivemode=true&_et=549&tfd=3009
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame 9874 		474 B
458 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
17
x-cache
HIT
content-length
296
x-request-id
5b920dee-4dea-45d9-a31b-2d7a451b4deb
x-served-by
cache-fra-etou8220061-FRA
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Fastly
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
23
banks-059715db431d46d5564d03a4d03a508a.json
js.stripe.com/v3/fingerprinted/data/ Frame 9874 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/data/banks-059715db431d46d5564d03a4d03a508a.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
3eeaf7446956d4f52db0d9d320988723bec23129315a8daedf665bab334d6b21
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:27 GMT
via
1.1 varnish
age
2957668
x-cache
HIT
content-length
1476
x-request-id
07afa33e-b110-4306-9e8e-0a745493fc29
x-served-by
cache-fra-etou8220061-FRA
last-modified
Wed, 04 Oct 2023 16:34:12 GMT
server
Fastly
etag
"059715db431d46d5564d03a4d03a508a"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
.deploy_status_henson.json
js.stripe.com/v3/ Frame 6D8F 		474 B
406 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
17
x-cache
HIT
content-length
296
x-request-id
9f40a3aa-38ce-4901-bc1f-46cdea726af2
x-served-by
cache-fra-etou8220061-FRA
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Fastly
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
24
.deploy_status_henson.json
js.stripe.com/v3/ Frame FC17 		474 B
393 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
17
x-cache
HIT
content-length
296
x-request-id
32ee25a1-10ae-44ee-8e59-4ac526be0212
x-served-by
cache-fra-etou8220061-FRA
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Fastly
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
25
saq_pxl
tags.srv.stackadapt.com/ Frame E178 		116 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=zFWBFWbS14YYtkU1aQYdUw&is_js=true&landing_url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E%3F&t=&tip=Kt3LU5osW4ZKksQe_efrJOzS227y9mR_tA8tbbPeWAg&host=https%3A%2F%2F8832015.fls.doubleclick.net&sa_conv_data_css_value=%270-ba7f4498-3756-524e-4f02-9ba5007993f1%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9ba7f44983756524e4f029ba5007993f1253a3af7&sa-user-id-v3=s%253AAQAKIO3-krvLSdAgYHrZfTOr1G636TIqkH2L2QIT4DHlvtPqEHwYBCDKs9CsBjABOgT90vuTQgQgtwqX.AoZycR9Lo%252BuJ6ifJY1yHOVMp94FZT%252B92J658CVGmPPw&sa-user-id-v2=s%253Aun9EmDdWUk5PApulAHmT8SU6Ovc.knP%252F%252Bcp2Nh9n06zVK5phrykVOhe93Jy89k0XlgTf%252Fyg&sa-user-id=s%253A0-ba7f4498-3756-524e-4f02-9ba5007993f1.ctXTiK3BYYO8irPITs5EvEDaKrtnoY%252FR2yOwOBz0HeI
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ae4ad442fdfac1ade543efd816459a6dfba4aeb6583e6e8cc17aee1dfacb65d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://8832015.fls.doubleclick.net
date
Tue, 02 Jan 2024 14:12:27 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
116
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
wallet-config
merchant-ui-api.stripe.com/elements/ Frame C81C 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.137.150.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f9b9cc3eed515e5c04de37db3a5335a27e86497f2dc8d89a32627c4546b815b6
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
content-security-policy
report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
content-length
2472
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
x-stripe-csrf-token
cross-origin-opener-policy-report-only
same-origin; report-to=https://q.stripe.com/coop-report
expires
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747385462
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204747385149
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747385603
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204747385480
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747386593
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204747386070
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747386385
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204747386229
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747386781
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204747386622
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747387078
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204747386900
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747387378
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204747387190
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747388174
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204747387866
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747388738
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204747388167
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747389461
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204747388941
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747389551
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204747389404
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747562563
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204747561877
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747562459
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204747562289
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747562470
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204747562343
access-control-allow-credentials
true
content-length
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 5BAD 		474 B
371 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
17
x-cache
HIT
content-length
296
x-request-id
3f4cd71f-cb0e-4f8b-af48-fcfe20856bd5
x-served-by
cache-fra-etou8220061-FRA
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Fastly
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
26
pay.js
pay.google.com/gp/p/js/ 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbfcec286e36b8f4223b247ba7988be0fa69dbc6938fb81707f84d3993663d98
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-1Hmq73r-UzJRy91c9EieeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-1Hmq73r-UzJRy91c9EieeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 02 Jan 2024 14:12:27 GMT
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747563015
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204747562837
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747563384
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204747563090
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747563761
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204747563226
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747564107
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1704204747563437
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747564300
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204747563729
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747564131
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204747563869
access-control-allow-credentials
true
content-length
0
graphql
www.paypal.com/targeting/ Frame 5EDC 		435 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7fc32122bb067a632049eca1df259c6b13835531980433d5cdedeea47de3d81b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-esxc2ZzuwGReDasA9wuBe56uUaV/0ff74Z4y7R+PtQG9TEzm' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
disable-set-cookie
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-esxc2ZzuwGReDasA9wuBe56uUaV/0ff74Z4y7R+PtQG9TEzm' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f545351061556
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230116-FRA, cache-fra-eddf8230116-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f545351061556-33698c37297276e1-01
x-timer
S1704204748.517016,VS0,VE285
etag
W/"1b3-Md01VWPW+qK6bfLnfFckHFbow3s"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
b
r.stripe.com/ Frame 5BAD 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747564686
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204747564088
access-control-allow-credentials
true
content-length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame E323
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-4JlDb2b0DmYa2XYSRfIUSLhcvEyrT9vgz79_Zg&google_cm&google_hm=ay00SmxEYjJiMERtWWEyWFlTUmZJVVNMaGN2RXlyVDl2Z...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-4JlDb2b0DmYa2XYSRfIUSLhcvEyrT9vgz79_Zg&google_gid=CAESENRzCIEbSkpRCwiWis--5ZM&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-4JlDb2b0DmYa2XYSRfIUSLhcvEyrT9vgz79_Zg&google_gid=CAESENRzCIEbSkpRCwiWis--5ZM&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
776578
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-4JlDb2b0DmYa2XYSRfIUSLhcvEyrT9vgz79_Zg&google_gid=CAESENRzCIEbSkpRCwiWis--5ZM&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame E323 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-3LvZ6Wb0DmYa2XYSRfIUSLhcvEwg_qYGPvGREA&expires=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.206.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-206-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame E323
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7929666645488120199
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7929666645488120199
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1950771
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
an-x-request-uuid
d6e72de8-05b6-4bbf-b17e-3d7ce7610532
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7929666645488120199
x-proxy-origin
37.58.58.247; 37.58.58.247; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame E323 		57 B
789 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-j7woQWb0DmYa2XYSRfIUSLhcvEzGXXCeI6M9bw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 14:12:27 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:12:27 GMT
tap.php
pixel.rubiconproject.com/ Frame E323 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-HP3HYGb0DmYa2XYSRfIUSLhcvEzcWteg5RxpeQ&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ef823186f233724f4775c0c4b9549d14
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame E323 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-W-RoLmb0DmYa2XYSRfIUSLhcvEyavdnxX0RoZw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
164.132.25.185 , France, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-164-132-25.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame E323 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-TDY3gGb0DmYa2XYSRfIUSLhcvEzLi85W0TnE9g
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13946
um
criteo-sync.teads.tv/ Frame E323 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-lq_JuWb0DmYa2XYSRfIUSLhcvEyZzsPXmgy_2A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 02 Jan 2024 14:12:27 GMT
pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame E323 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-qg18s2b0DmYa2XYSRfIUSLhcvEzJiAyT1UM6Jg&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame E323 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-jmiTKWb0DmYa2XYSRfIUSLhcvExqaJCJ0oZNlA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cksync.php
hb.yahoo.net/ Frame E323 		56 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-jmiTKWb0DmYa2XYSRfIUSLhcvExqaJCJ0oZNlA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.164.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-164-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 02 Jan 2024 14:12:27 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
56
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:12:27 GMT
pixel
cm.adform.net/ Frame E323 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-opoK7Wb0DmYa2XYSRfIUSLhcvEzoyAih2Bl9Sw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
last-modified
Fri, 18 Nov 2022 14:39:11 GMT
server
nginx
accept-ranges
bytes
etag
"6377990f-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame E323 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-nod2XWb0DmYa2XYSRfIUSLhcvEy_rFgN8N5MFg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.133.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-133-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame E323 		43 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-OCNRjGb0DmYa2XYSRfIUSLhcvEyaE3z2JGK9UA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAGfphyHPkxlKGyF2NAip7t4rBiqMDnCn6w%2FoYaY6uqHgIXgjr8jCS9RWZ%2FpjD5R%2BSWk89KdvpbMFsTqhnghUTsvanSXMmMEA9C6ZV6yxgR5J9aG3wky1aj%2FYyS6iCejxu%2FM"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83f398d84bf0927a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
demconf.jpg
dpm.demdex.net/ Frame E323
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=szNHPx5DTHfS0QAYpnecsgMzq-gHzEfM
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=szNHPx5DTHfS0QAYpnecsgMzq-gHzEfM
42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=szNHPx5DTHfS0QAYpnecsgMzq-gHzEfM
Protocol
H2
Server
54.76.135.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-135-177.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-0df1f10d6.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
bQz/pwwfRDc=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v054-07d021e8c.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
Ysk0bicCTRE=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=szNHPx5DTHfS0QAYpnecsgMzq-gHzEfM
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame E323 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-L74WKWb0DmYa2XYSRfIUSLhcvEycWarih7nPLw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame E323 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-W45JlGb0DmYa2XYSRfIUSLhcvExK0tfE7eyCCw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.48.216.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-216-154.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:12:27 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame E323 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-IyqIT2b0DmYa2XYSRfIUSLhcvExn0EKAbUHrgw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame E323 		0
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-mUAabGb0DmYa2XYSRfIUSLhcvExUWTlrE3LUgw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.136.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-136-150.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame E323 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-p31zXWb0DmYa2XYSRfIUSLhcvEzdyb35slNHiw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.19.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-19-202.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame E323 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-2iNhRWb0DmYa2XYSRfIUSLhcvEwvgkLDofg01Q&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.127 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:12:27 GMT
Cache-Control
no-cache
X-TraceId
c084196c298c46f85eea52ade7b4f1f7
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame E323 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-ORyAOmb0DmYa2XYSRfIUSLhcvExLqzLeS2Ap1Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:26 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame E323 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-jfbGtGb0DmYa2XYSRfIUSLhcvEyG-J2FWhRYqw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.6.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-6-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
sync
criteo-partners.tremorhub.com/ Frame E323 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-Rv11m2b0DmYa2XYSRfIUSLhcvEy5-JbIQeUQCw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:a2e1:966e:301b:d0c0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 02 Jan 2024 14:12:27 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame E323 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k--Mh2-2b0DmYa2XYSRfIUSLhcvExV-wBEvBVBcA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.30
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:12:27 GMT
server
Apache
x-powered-by
PHP/7.3.30
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame E323 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-RVmGo2b0DmYa2XYSRfIUSLhcvExD01EHkOCKlQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:12:27 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 01 Jan 2024 14:12:27 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame E323 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-Cz0HTGb0DmYa2XYSRfIUSLhcvExlIiaR30M3pg&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.8.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-8-219.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
content-length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame AE34
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-4JlDb2b0DmYa2XYSRfIUSLhcvEyrT9vgz79_Zg&google_cm&google_hm=ay00SmxEYjJiMERtWWEyWFlTUmZJVVNMaGN2RXlyVDl2Z...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-4JlDb2b0DmYa2XYSRfIUSLhcvEyrT9vgz79_Zg&google_gid=CAESENRzCIEbSkpRCwiWis--5ZM&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-4JlDb2b0DmYa2XYSRfIUSLhcvEyrT9vgz79_Zg&google_gid=CAESENRzCIEbSkpRCwiWis--5ZM&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
705141
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-4JlDb2b0DmYa2XYSRfIUSLhcvEyrT9vgz79_Zg&google_gid=CAESENRzCIEbSkpRCwiWis--5ZM&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame AE34 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-3LvZ6Wb0DmYa2XYSRfIUSLhcvEwg_qYGPvGREA&expires=30
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.206.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-206-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame AE34
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7929666645488120199
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7929666645488120199
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
830872
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
an-x-request-uuid
99e9c4de-5287-4caf-bced-035bd8c777dd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7929666645488120199
x-proxy-origin
37.58.58.247; 37.58.58.247; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame AE34 		57 B
789 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-j7woQWb0DmYa2XYSRfIUSLhcvEzGXXCeI6M9bw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 14:12:27 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:12:27 GMT
tap.php
pixel.rubiconproject.com/ Frame AE34 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-HP3HYGb0DmYa2XYSRfIUSLhcvEzcWteg5RxpeQ&expires=30
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame AE34 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-W-RoLmb0DmYa2XYSRfIUSLhcvEyavdnxX0RoZw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
164.132.25.185 , France, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-164-132-25.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame AE34 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-TDY3gGb0DmYa2XYSRfIUSLhcvEzLi85W0TnE9g
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13946
um
criteo-sync.teads.tv/ Frame AE34 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-lq_JuWb0DmYa2XYSRfIUSLhcvEyZzsPXmgy_2A
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 02 Jan 2024 14:12:27 GMT
pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame AE34 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-qg18s2b0DmYa2XYSRfIUSLhcvEzJiAyT1UM6Jg&dongle=013b
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame AE34 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-jmiTKWb0DmYa2XYSRfIUSLhcvExqaJCJ0oZNlA
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cksync.php
hb.yahoo.net/ Frame AE34 		56 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-jmiTKWb0DmYa2XYSRfIUSLhcvExqaJCJ0oZNlA
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.164.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-164-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 02 Jan 2024 14:12:27 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
56
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:12:27 GMT
pixel
cm.adform.net/ Frame AE34 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-opoK7Wb0DmYa2XYSRfIUSLhcvEzoyAih2Bl9Sw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
last-modified
Fri, 18 Nov 2022 14:39:11 GMT
server
nginx
accept-ranges
bytes
etag
"6377990f-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame AE34 		49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-nod2XWb0DmYa2XYSRfIUSLhcvEy_rFgN8N5MFg
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.133.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-133-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
12
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame AE34 		43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-OCNRjGb0DmYa2XYSRfIUSLhcvEyaE3z2JGK9UA
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DltvNyyLyB5tsWOB3odfnldNw89cL99ODo77cAoXwyM7hix%2FqE03nkaoUxRBWXUbs7Bfa6Oz67K9n5ra3a1jrdh0e6MoISjugCHewfm4Ort%2FITC9%2FLOCUjpBokH%2BDXUBVIR3"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83f398d84bf1927a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
demconf.jpg
dpm.demdex.net/ Frame AE34
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=vXMNAHZSFgXyG7xR3Q9erNhigf-vJ-k0
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=vXMNAHZSFgXyG7xR3Q9erNhigf-vJ-k0
42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=vXMNAHZSFgXyG7xR3Q9erNhigf-vJ-k0
Protocol
H2
Server
54.76.135.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-135-177.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-0f7fdf65c.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
lbY/mAyBTOg=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v054-0fb2a6439.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
SS74xJdHRII=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=vXMNAHZSFgXyG7xR3Q9erNhigf-vJ-k0
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame AE34 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-L74WKWb0DmYa2XYSRfIUSLhcvEycWarih7nPLw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame AE34 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-W45JlGb0DmYa2XYSRfIUSLhcvExK0tfE7eyCCw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.48.216.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-216-154.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:12:27 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame AE34 		42 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-IyqIT2b0DmYa2XYSRfIUSLhcvExn0EKAbUHrgw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame AE34 		0
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-mUAabGb0DmYa2XYSRfIUSLhcvExUWTlrE3LUgw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.136.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-136-150.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame AE34 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-p31zXWb0DmYa2XYSRfIUSLhcvEzdyb35slNHiw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.19.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-19-202.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame AE34 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-2iNhRWb0DmYa2XYSRfIUSLhcvEwvgkLDofg01Q&initiator=partner
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.127 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:12:27 GMT
Cache-Control
no-cache
X-TraceId
ae015aaa09ac0cb7ad352238206bf308
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame AE34 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-ORyAOmb0DmYa2XYSRfIUSLhcvExLqzLeS2Ap1Q
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:25 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame AE34 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-jfbGtGb0DmYa2XYSRfIUSLhcvEyG-J2FWhRYqw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.6.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-6-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
sync
criteo-partners.tremorhub.com/ Frame AE34 		43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-Rv11m2b0DmYa2XYSRfIUSLhcvEy5-JbIQeUQCw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:a2e1:966e:301b:d0c0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 02 Jan 2024 14:12:27 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame AE34 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k--Mh2-2b0DmYa2XYSRfIUSLhcvExV-wBEvBVBcA
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:12:27 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame AE34 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-RVmGo2b0DmYa2XYSRfIUSLhcvExD01EHkOCKlQ
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:12:27 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 01 Jan 2024 14:12:27 GMT
put
e1.emxdgt.com/ Frame AE34 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-OKWQY2b0DmYa2XYSRfIUSLhcvEzmeHBB0vm1FQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.235.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-235-147.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
server
awselb/2.0
setuid
ib.adnxs.com/ Frame E323 		43 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-clZIVmb0DmYa2XYSRfIUSLhcvExZ_jq-zaNc3Q
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
an-x-request-uuid
02bd8dc4-e1f5-4f7d-b551-476e75f05731
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.58.58.247; 37.58.58.247; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/ Frame AE34 		43 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-clZIVmb0DmYa2XYSRfIUSLhcvExZ_jq-zaNc3Q
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
an-x-request-uuid
f8fd75c1-0988-45b5-9221-ebbf8a93af89
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.58.58.247; 37.58.58.247; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
unip
trc-events.taboola.com/1335104/log/3/ 		0
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1335104/log/3/unip?en=pre_d_eng_tb&tos=1575&scd=0&ssd=2&est=1704204745916&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1704204747491&vi=1704204745914&ri=ff32df6cc9d83fa5f54268d2f1e52e39&sd=v2_7ef364d253d96630c01dbd211fed7b2f_fdd10a89-c9f3-4a9a-a5b2-17a2106ec1c5-tuctc8d9f49_1704204745_1704204745_CIi3jgYQwL5RGLr5ktTMMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABol9TM2v-Z45zBAXAB&ui=fdd10a89-c9f3-4a9a-a5b2-17a2106ec1c5-tuctc8d9f49&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&ler=other&cbp=OneTrust&cbpv=1&cbcd=%2CC0003%2CC0001%2CC0002%2CC0004%2C
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.marchofdimes.org
pragma
no-cache
date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,disable-set-cookie
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,disable-set-cookie
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 02 Jan 2024 14:12:27 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f7702586d9528
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f7702586d9528-0fc36408a5da915e-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-fra-etou8220022-FRA, cache-fra-etou8220022-FRA
x-timer
S1704204747.332596,VS0,VE177
6
m.stripe.com/ Frame 2A79 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.143.252 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-143-252.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ba78a42c26ef8c9a2bcae61fbd1c16a11452c27b22ba6dbc59ea623bea5ed00a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747609331
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204747608862
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
6
m.stripe.com/ Frame 2A79 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.143.252 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-143-252.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ba78a42c26ef8c9a2bcae61fbd1c16a11452c27b22ba6dbc59ea623bea5ed00a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747658622
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204747658261
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
sync
ups.analytics.yahoo.com/ups/58301/ Frame AE34 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-jmiTKWb0DmYa2XYSRfIUSLhcvExqaJCJ0oZNlA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/58301/ Frame E323 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-jmiTKWb0DmYa2XYSRfIUSLhcvExqaJCJ0oZNlA
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch.gif
beacon.krxd.net/ Frame E323
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=4-BAmzxxBjbCiCqN1wGtYQ3vLi6_ddGA
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=4-BAmzxxBjbCiCqN1wGtYQ3vLi6_ddGA
Protocol
H2
Server
18.203.91.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n004-dub-prod.krxd.net
date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
private, no-cache, no-store
x-request-time
D=49 t=1704204747
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=4-BAmzxxBjbCiCqN1wGtYQ3vLi6_ddGA
date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1317896
content-length
0
usermatch.gif
beacon.krxd.net/ Frame AE34
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Hn6kR8b7rBWrtq0CRjRYNV-jORFNdQNL
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Hn6kR8b7rBWrtq0CRjRYNV-jORFNdQNL
Protocol
H2
Server
18.203.91.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n015-dub-prod.krxd.net
date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
private, no-cache, no-store
x-request-time
D=52 t=1704204748
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Hn6kR8b7rBWrtq0CRjRYNV-jORFNdQNL
date
Tue, 02 Jan 2024 14:12:27 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
708442
content-length
0
payframe
pay.google.com/gp/p/ui/ Frame 39A2 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.marchofdimes.org&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e075f28fdbe1022cf21aeb519452e25954d40efb2e46efaf59608bfc7323971d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NYcbRyiYcTkWRZiYZTGDZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-NYcbRyiYcTkWRZiYZTGDZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 02 Jan 2024 14:12:27 GMT
expires
Tue, 02 Jan 2024 14:12:27 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747941628
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204747941344
access-control-allow-credentials
true
content-length
0
hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
js.stripe.com/v3/ Frame D883 		70 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
06a1918709ba854bcfe97ef585a6cd91c56671b6d23c7ee5ed5177ad97e67243
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
54
cache-control
max-age=60
content-encoding
br
content-length
24947
content-security-policy
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self'; style-src 'self'; worker-src https://newassets.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:27 GMT
etag
"078b5f9fb44d244a9ec072f93a216630"
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
6
x-content-type-options
nosniff
x-request-id
f35164fb-3f47-4bb7-a52a-be927f08e210
x-served-by
cache-fra-etou8220106-FRA
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747947606
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204747947285
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747948311
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204747948079
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C498 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747956520
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204747956342
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame C498 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:27 GMT
x-stripe-server-envoy-start-time-us
1704204747956891
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204747956610
access-control-allow-credentials
true
content-length
0
csp-report
q.stripe.com/ Frame D883 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747960729
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747960432
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame D883 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747962510
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747962015
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame D883 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204747962860
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204747962452
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame D883 		474 B
374 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:27 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
18
x-cache
HIT
content-length
296
x-request-id
7eba623b-5c79-4d0a-b05f-508a986bf561
x-served-by
cache-fra-etou8220061-FRA
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Fastly
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
27
HCaptchaInvisible.html
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame 5F1E 		419 B
866 B 		Document
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=406f16ce-be40-4540-9340-a143a1ae0b88&origin=https%3A%2F%2Fjs.stripe.com
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
368dd7da190a6dab28436caf13245f59879fdb08fb07f4bf0b9e5f6b6e4fe7d2
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=60
content-encoding
br
content-length
283
content-security-policy
base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:28 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-request-id
83b29649-41e4-4048-b53a-0788ef9830a9
x-served-by
cache-fra-etou8220106-FRA
x-timer
S1704204748.902128,VS0,VE702
b
r.stripe.com/ Frame 052C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:28 GMT
x-stripe-server-envoy-start-time-us
1704204748033691
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204748033150
access-control-allow-credentials
true
content-length
0
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 39A2 		159 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.marchofdimes.org&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:27:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
593105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57423
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 13:07:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 17:27:23 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 39A2 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:28 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
tb
fndrsp-checkout.net/ 		2 B
490 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp-checkout.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:12:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWHMZvrGmK02kUVAiWn8geH3u0a%2FJHzFJFBVW%2FAy2Wt4wMc1BSCKKk%2BM651fX16k0nc2O2i3DjnVUDvMADKaAv2AbZxAVMyDFKbmyzH1OVPwkMI3l2Qf1WhCaca%2FsZ6tMiONMtrx"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f398db6e039c84-IAD
alt-svc
h3=":443"; ma=86400
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 39A2 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 18:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27264
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 05:55:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 18:01:09 GMT
pay
pay.google.com/gp/p/ui/ Frame 39A2 		1 MB
376 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb0cb0148358f8b188680cafe99411d32bd1787ae68803f43c71603681d8f0de
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-ZLgMB5-pWd1wQatQDcrqTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:28 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-ZLgMB5-pWd1wQatQDcrqTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 02 Jan 2024 14:12:28 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 39A2 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 18:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3732
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 05:55:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 18:01:10 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 39A2 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 18:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14260
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 05:55:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 18:01:10 GMT
log
play.google.com/ Frame 39A2 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:12:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:12:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:12:28 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:12:28 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 39A2 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:12:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:12:28 GMT
log
play.google.com/ Frame 39A2 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:12:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:12:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:12:28 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 39A2 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:12:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:12:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:12:28 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 39A2 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:12:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:12:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:12:28 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:12:28 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 39A2 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:12:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:12:28 GMT
b
r.stripe.com/ Frame 5BAD 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:28 GMT
x-stripe-server-envoy-start-time-us
1704204748424297
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204748424123
access-control-allow-credentials
true
content-length
0
api.js
hcaptcha.com/1/ Frame 5F1E 		326 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=406f16ce-be40-4540-9340-a143a1ae0b88&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b.stripecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 7fc41227386600a12b18801d6d174000.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age
0
x-amz-cf-pop
CDG50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Dec 2023 14:33:57 GMT
server
cloudflare
etag
W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
cf-ray
83f398df08eb6921-FRA
x-amz-cf-id
6PNTjaS7UjjvObHSICu3LDLsDblvLF726TCO1Lapl_NpYo9M8-T7UA==
vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~1c9fb8cc.4ccf3f5b466328f5ff42.bundle.js
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame 5F1E 		114 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~1c9fb8cc.4ccf3f5b466328f5ff42.bundle.js
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=406f16ce-be40-4540-9340-a143a1ae0b88&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
301850f8ca8b8c106497210d9d78aa7b4e1339f42f01aebff119f7f633984966
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=406f16ce-be40-4540-9340-a143a1ae0b88&origin=https%3A%2F%2Fjs.stripe.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:12:28 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
1109212
x-cache
HIT
content-length
38134
x-request-id
12b638e1-4338-48e1-9f43-207c31d53910
x-served-by
cache-fra-etou8220106-FRA
server
Fastly
x-timer
S1704204749.615829,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
14932
HCaptchaInvisible.ae63b51d892d21e8f568.bundle.js
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame 5F1E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.ae63b51d892d21e8f568.bundle.js
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=406f16ce-be40-4540-9340-a143a1ae0b88&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
5ab11304d671d352bac6554d49fffd0f81d7ed1bced6bdf9c021e6e0fa538494
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=406f16ce-be40-4540-9340-a143a1ae0b88&origin=https%3A%2F%2Fjs.stripe.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:12:28 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
1109212
x-cache
HIT
content-length
7160
x-request-id
0a9ee0b3-4de6-4dc5-a2f3-c9c0b622c042
x-served-by
cache-fra-etou8220106-FRA
server
Fastly
x-timer
S1704204749.616372,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
14585
csp-report
q.stripe.com/ Frame 5F1E 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://b.stripecdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:12:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204748706851
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1704204748706087
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/3b797c3/static/ Frame 7BDD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=ueq4istrfzc
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50f05f7eb45978ec7ee7925ccec9cda4bf89ae2a7d91743707f0560e018ee130
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://b.stripecdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
734728
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
83f398df59416921-FRA
content-encoding
br
content-type
text/html
cross-origin-embedder-policy
credentialless
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:12:28 GMT
last-modified
Wed, 20 Dec 2023 14:33:57 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-amz-cf-id
2-zuZEwY-pWr-tMh0UXTScSsdN_JUPcWOTt9v4Y2kWaRmoHvMr3FLw==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
zqmRvj.5H3xz3glqyfc6p0MpeMIvCHe2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:28 GMT
x-stripe-server-envoy-start-time-us
1704204748783130
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204748782707
access-control-allow-credentials
true
content-length
0
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/3b797c3/ Frame 7BDD 		326 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=ueq4istrfzc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=ueq4istrfzc
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 7fc41227386600a12b18801d6d174000.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age
23809
x-amz-cf-pop
CDG50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Dec 2023 14:33:57 GMT
server
cloudflare
etag
W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
83f398df89716921-FRA
x-amz-cf-id
6PNTjaS7UjjvObHSICu3LDLsDblvLF726TCO1Lapl_NpYo9M8-T7UA==
checksiteconfig
api.hcaptcha.com/ Frame 7BDD 		719 B
896 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hcaptcha.com/checksiteconfig?v=3b797c3&host=b.stripecdn.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&sc=1&swa=1&spst=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b391e1f8882d44122506348fdf5a9aece3b04cbc5b3148aa1f12e7edd9658bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 02 Jan 2024 14:12:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
83f398dfe9d46921-FRA
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
alt-svc
h3=":443"; ma=86400
hsw.js
newassets.hcaptcha.com/c/2458d9b/ Frame 7BDD 		499 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/c/2458d9b/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0c067d3512326ee1d73cce9dccbb1bb59c24b279df3ea650ddf80578182bda6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=ueq4istrfzc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
1JhSB37kavMYpA6c5WxU_Q.zUc_dI7mQ
age
187681
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:59:11 GMT
server
cloudflare
etag
W/"9d671418ff661c7370b4e3530ac92335"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
83f398e019219036-FRA
x-amz-cf-id
Wrsibzo0DKxk6WozQEMVsXg1ycpq4eJPTI8cFnlISI_DVdmBorqSag==
463b917e-e264-403f-ad34-34af0ee10294
api.hcaptcha.com/getcaptcha/ Frame 7BDD 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8d1899616f7faed05f6e3a3bc1ccce7deea62f492fe69342f7a450507d341ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
83f398e27bc19036-FRA
alt-svc
h3=":443"; ma=86400
b
r.stripe.com/ Frame C81C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:12:30 GMT
x-stripe-server-envoy-start-time-us
1704204750447696
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204750447156
access-control-allow-credentials
true
content-length
0
unip
trc-events.taboola.com/1335104/log/3/ 		0
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1335104/log/3/unip?en=pre_d_eng_tb&tos=4576&scd=0&ssd=2&est=1704204745916&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1704204750492&vi=1704204745914&ri=ff32df6cc9d83fa5f54268d2f1e52e39&sd=v2_7ef364d253d96630c01dbd211fed7b2f_fdd10a89-c9f3-4a9a-a5b2-17a2106ec1c5-tuctc8d9f49_1704204745_1704204745_CIi3jgYQwL5RGLr5ktTMMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABol9TM2v-Z45zBAXAB&ui=fdd10a89-c9f3-4a9a-a5b2-17a2106ec1c5-tuctc8d9f49&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3DFUNKSBQFLQE%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&ler=other&cbp=OneTrust&cbpv=1&cbcd=%2CC0003%2CC0001%2CC0002%2CC0004%2C
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.marchofdimes.org
pragma
no-cache
date
Tue, 02 Jan 2024 14:12:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ 		176 B
312 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:12:31 GMT
via
1.1 varnish
age
1022204
x-cache
HIT
content-length
127
x-request-id
2e7b7453-029f-4619-9148-6d8a40c752ac
x-served-by
cache-fra-etou8220106-FRA
last-modified
Thu, 21 Dec 2023 18:13:43 GMT
server
Fastly
etag
"96f5b26d366f47393b3ff36fe7471474"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
44478

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.smartstream.tv
URL
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12024010214cbb7062ccc4f8a87c7e&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| documentPictureInPicture object| __cfQR object| __cfBeacon object| OneTrustStub function| OptanonWrapper function| FundraiseUp string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| drupalSettings object| Drupal object| webpackChunkgesso object| Donation5Reminder function| formatCurrency function| format2 function| checkEditCalculationPageExists object| gsapVersions boolean| __cfRLUnblockHandlers object| funEmbed object| FUN_SERVICE_CONTAINER object| FUN object| FUN_ELEMENT_KEYS boolean| FUN_IS_MALFORMED_ENV object| webpackChunk_fundraiseup_checkout object| Optanon object| OneTrust object| google_tag_manager object| google_tag_data object| funElementsApi string| GoogleAnalyticsObject function| ga object| __tfa_pixel_init object| _tfa string| _linkedin_data_partner_id object| _qevents function| obApi function| fbq function| _fbq object| resonateAnalytics number| randomNumber object| scriptTag object| insertionNode string| conversionTag string| TiktokAnalyticsObject object| ttq object| _adftrack function| ttd_dom_ready function| TTDUniversalPixelApi function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| lintrk boolean| _already_called_lintrk function| onYouTubeIframeAPIReady object| gaGlobal function| gtag function| UET function| UET_init function| UET_push object| gaplugins object| gaData object| ueto_ac157efda7 object| uetq function| apiObj function| quantserve function| __qc object| ezt object| _qoptions function| setImmediate function| clearImmediate function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc function| stcc object| google_optimize function| AdelphicUniversalPixel object| GooglebQhCsO object| Adform object| KJUR object| adf function| __trcWarn function| omrhp object| __SENTRY__ object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| webpackChunkStripeJSouter function| noop function| Stripe object| ORIBILI object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchantIdsHashedValueListForGpayButtonVariant string| dynamicGpayButtonVariant object| google

99 Cookies

Domain/Path Name / Value
.taboola.com/truenorth-marchofdimes-sc/ Name: taboola_session_id
Value: v2_7ef364d253d96630c01dbd211fed7b2f_fdd10a89-c9f3-4a9a-a5b2-17a2106ec1c5-tuctc8d9f49_1704204745_1704204745_CIi3jgYQwL5RGLr5ktTMMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABol9TM2v-Z45zBAXAB
.marchofdimes.org/ Name: fundraiseup_stat
Value:
.marchofdimes.org/ Name: fundraiseup_cid
Value: 17042047456941429864
.marchofdimes.org/ Name: _gcl_au
Value: 1.1.544842920.1704204746
.www.marchofdimes.org/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Jan+02+2024+15%3A12%3A25+GMT%2B0100+(Central+European+Standard+Time)&version=202309.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=65cbb30e-6fb5-4fc2-af76-ac61948eb4d7&interactionCount=0&landingPath=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ2yll1XE0iePN8PHvhFb9O7fHT6xlsvXEfsonpaICQOO89LBCkxcYJWksvrFaJR61Rj23SrEXUa36FT58ovKtZSZyPS6Aro_PGDfC6E&groups=C0003%3A1%2CC0001%3A1%2CC0002%3A1%2CC0004%3A1
.taboola.com/ Name: t_gid
Value: fdd10a89-c9f3-4a9a-a5b2-17a2106ec1c5-tuctc8d9f49
.taboola.com/ Name: t_pt_gid
Value: fdd10a89-c9f3-4a9a-a5b2-17a2106ec1c5-tuctc8d9f49
.marchofdimes.org/ Name: _ga
Value: GA1.2.1837972625.1704204746
.marchofdimes.org/ Name: _gid
Value: GA1.2.327169869.1704204746
.marchofdimes.org/ Name: _gat_UA-219864-60
Value: 1
.marchofdimes.org/ Name: _uetsid
Value: f498ee50a97811ee9471532f08a019e7
.marchofdimes.org/ Name: _uetvid
Value: f4990800a97811eeb82de154e63fadb7
.doubleclick.net/ Name: APC
Value: AfxxVi7AWHErUW2wcSi_Z3oMSm4YrXbr3Xu-GYEK0Sn5SQmqLqy9rA
.marchofdimes.org/ Name: fundraiseup_func
Value: {%22t%22:%22.marchofdimes.org%22%2C%22s%22:%221704204745701%22%2C%22sp%22:1%2C%22x%22:%2210%22}
.tiktok.com/ Name: _ttp
Value: 2aP08HVRCojgdSzfHDw3Gca9Che
.bing.com/ Name: MUID
Value: 1D482CBFC99D6C2424413F45C89D6DB3
.doubleclick.net/ Name: IDE
Value: AHWqTUnRbBTaYYE9vD3bNwtWj7zPz1h1aChKpDJVZO6hXeAFP3z6AkT7rCcNJIQtyUY
.linkedin.com/ Name: li_sugr
Value: ca7bd265-c561-4eab-a146-cb7aed399bee
.linkedin.com/ Name: bcookie
Value: "v=2&edd0ec94-2e01-4e7d-837d-33c18957f543"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3213:u=1:x=1:i=1704204746:t=1704291146:v=2:sig=AQGIshIgYHpdhbJfUV-JCRhbIHxN6ORR"
.quantserve.com/ Name: mc
Value: 659419ca-29dbc-b2d91-82221
.marchofdimes.org/ Name: _fbp
Value: fb.1.1704204746189.161007692
.marchofdimes.org/ Name: __qca
Value: P0-134860008-1704204746001
.adnxs.com/ Name: uuid2
Value: 7929666645488120199
.acuityplatform.com/ Name: auid
Value: 871904404316
.marchofdimes.org/ Name: _tt_enable_cookie
Value: 1
.bing.com/ Name: MSPTC
Value: 1aGAFVOry0otT72wDcOc5Mb5BnUYhqpp6eCwD6nVPR0
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ba7f4498-3756-524e-4f02-9ba5007993f1.ctXTiK3BYYO8irPITs5EvEDaKrtnoY%2FR2yOwOBz0HeI
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ba7f4498-3756-524e-4f02-9ba5007993f1.ctXTiK3BYYO8irPITs5EvEDaKrtnoY%2FR2yOwOBz0HeI
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Aun9EmDdWUk5PApulAHmT8SU6Ovc.knP%2F%2Bcp2Nh9n06zVK5phrykVOhe93Jy89k0XlgTf%2Fyg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Aun9EmDdWUk5PApulAHmT8SU6Ovc.knP%2F%2Bcp2Nh9n06zVK5phrykVOhe93Jy89k0XlgTf%2Fyg
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIO3-krvLSdAgYHrZfTOr1G636TIqkH2L2QIT4DHlvtPqEHwYBCDKs9CsBjABOgT90vuTQgQgtwqX.AoZycR9Lo%2BuJ6ifJY1yHOVMp94FZT%2B92J658CVGmPPw
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIO3-krvLSdAgYHrZfTOr1G636TIqkH2L2QIT4DHlvtPqEHwYBCDKs9CsBjABOgT90vuTQgQgtwqX.AoZycR9Lo%2BuJ6ifJY1yHOVMp94FZT%2B92J658CVGmPPw
.linkedin.com/ Name: UserMatchHistory
Value: AQLiwYh2Me5FXwAAAYzKhL5CUCvXWPSnBrlUqfqdApt36K_O-13jNw-gzbqfYD7vO3aN1VKaUOm88w
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQItxOHZ0Gn4ugAAAYzKhL5C0WzA7EERxwl8PGSEsb-ev-tw88Hfv2AizsJLfgEKJ9YeiIv3Y6KnnwpZmsMPZA
.marchofdimes.org/ Name: _ttp
Value: hiWJuu3pkAKT2-lDf8Lj__dXq81
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDQyMDQ3NDY7MjswMjGPwVO89VQ4flaAjSK3yXJEPp+vXWqODfihEF4W1/T0HQ==
.adform.net/ Name: C
Value: 1
.adform.net/ Name: receive-cookie-deprecation
Value: 1
www.marchofdimes.org/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1704204746530%7D
.www.linkedin.com/ Name: bscookie
Value: "v=1&20240102141226415d1dec-d192-4259-8b4a-875a642a69b5AQF1811paXq0hOAJOZUYrBgcNLHsJb6t"
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 4d07e1f8-feba-4c38-bb98-062b64420b6f
.ipredictive.com/ Name: cu
Value: 3c9453a3-3471-4c47-bc53-4bbb8653388c|1704204746531
.adform.net/ Name: uid
Value: 8888949933311824082
.adform.net/ Name: CM
Value: 1|1
.adform.net/ Name: CM14
Value: 1704291206_1704204806_1_Hu7u4e4e4R7u4e4REREeEREREQ
.seadform.net/ Name: uid
Value: 8888949933311824082
.marchofdimes.org/ Name: _ga_0DRBVSJJB1
Value: GS1.1.1704204745.1.1.1704204747.0.0.0
.casalemedia.com/ Name: CMID
Value: ZZQZywzSk7NPvZIv-lEJ1QAA
.casalemedia.com/ Name: CMPS
Value: 1199
.casalemedia.com/ Name: CMPRO
Value: 1199
.eyeota.net/ Name: SERVERID
Value: 19881~DM
.ads.stickyadstv.com/ Name: uid-bp-617
Value: 8888949933311824082
.ads.stickyadstv.com/ Name: UID
Value: 68afcfda11a772ddc48fc7c5964b296c
.adnxs.com/ Name: anj
Value: dTM7k!M40<D>6NRF']wIg2C%wv4B*z!]tco8i_imf$9G=A^A.o.P!b0_sx`!5Hmhu4/9!j(niX$dE^@A#yQOn%s6HVRKVK6W4+cklezzllwQr^PwjQM4xfRZX<dmik<CS']CyfG:+-=r8fb:hP)[Q]P)j.gAITpM
.www.marchofdimes.org/ Name: __stripe_mid
Value: a7aff0ce-d1ef-46d7-8099-b328f5258d9ddd808e
.www.marchofdimes.org/ Name: __stripe_sid
Value: f65b6407-4166-41f7-af48-624c99c85d7dc527d7
.semasio.net/ Name: SEUNCY
Value: F7840CF9FA5EF4
.demdex.net/ Name: demdex
Value: 20231972238052069120584754700750723200
.dpm.demdex.net/ Name: dpm
Value: 20231972238052069120584754700750723200
cm.adsafety.net/ Name: UID
Value: CM12024010214cbb7062ccc4f8a87c7e
.adsafety.net/ Name: cm_uid
Value: CM12024010214cbb7062ccc4f8a87c7e
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-mUAabGb0DmYa2XYSRfIUSLhcvExUWTlrE3LUgw%22%2C%22version%22%3A%22criteo%22%7D
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22f5942340-a978-11ee-8812-3daa97943e6a%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22f5942340-a978-11ee-8812-3daa97943e6a%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%22f5942340-a978-11ee-8812-3daa97943e6a%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22f5942340-a978-11ee-8812-3daa97943e6a%22%2C%22version%22%3A%22eu-v1%22%7D
.media.net/ Name: data-c-ts
Value: 1704204747
.media.net/ Name: data-c
Value: k-j7woQWb0DmYa2XYSRfIUSLhcvEzGXXCeI6M9bw~~3
m.stripe.com/ Name: m
Value: 9f89b6be-fa05-41cc-995d-664a8d2ee88cc1d5ec
.media.net/ Name: visitor-id
Value: 3472063477317529000V10
tags.adsafety.net/ Name: UID
Value: 48a4a8ed354f9705295660e67aa3d1f3
tags.adsafety.net/ Name: DID
Value: 48a4a8ed354f9705295660e67aa3d1f3
tags.adsafety.net/ Name: IDT
Value: 100
tags.adsafety.net/ Name: cookie_ver
Value: 2
tags.adsafety.net/ Name: block_reset
Value: 1
.adsafety.net/ Name: ct_uid
Value: 48a4a8ed354f9705295660e67aa3d1f3
.adsafety.net/ Name: ct_did
Value: 48a4a8ed354f9705295660e67aa3d1f3
.adsafety.net/ Name: ct_idt
Value: 100
.w55c.net/ Name: wfivefivec
Value: TLIn4kzc1RkFvl5
.adfarm1.adition.com/ Name: UserID1
Value: 7319503654076086417
.w55c.net/ Name: matchadform
Value: 5
cm.adsafety.net/ Name: permanent
Value: 1
cm.adsafety.net/ Name: cache0
Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaMndMTmhiODJnR1VIeWFCbzE0TTVpTFRRdmhyTS9nN3V6M3B3TVdZZTZJMEQ4VHFvVkYvWmJlcCt3YlJyRTRLM0RJYklsc1AwZ0dpWlErTW9HeVJiMWxOdUJpZnVRandKRkljaHVGZXhYVVhhb2IwSkZoQXNRNFBwVFI3RE1VSVVQT0E2S1ZsK3lNaE1RVFdEZFV6S0VNUmpqWitTcng1YjVDS1Fad3g4MG44VkpVMlJGcktCU3VQaXZEQzJIRlZISVVlaElGclpkZXpVN25TeHVjSUlvZlV6M1ZHeGlFWm11aytRdjAvbDE4K0FJUDhhRThKUk9wSWtheDFVWEpJaVBzUk8ybGRCYjlPZ0YvOUI5QTZ4UGJFNm1nQzdHNFB3cS9EUlkrMDNIY1p6dHFuOW90MnJsUUs1OXEvNSt3MzB3PT0%3D
.krxd.net/ Name: _kuid_
Value: QAwLYlZP
.agkn.com/ Name: ab
Value: 0001%3Aw%2BFC9Qf9YK8c%2BArLSJi5%2FZK3bsiLVoKM
.bluekai.com/ Name: bku
Value: aG/991LjksU9wHRG
.bluekai.com/ Name: bkpa
Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwEQTmeQ8BeA81p1p1EWT1Mxyme/e9Jf7YWG=
.omnitagjs.com/ Name: ayl_visitor
Value: 6b69df51793bc44ae90c7ae9b7d19db2
.audrte.com/ Name: arcki2
Value: bcb8qp4e4wvTvy7aMZJ4VIpHA!20220908!1704204747820!ip#37.58.58.247
.audrte.com/ Name: arcki2_adform
Value: 8888949933311824082!20220908!1704204747820
.weborama.fr/ Name: AFFICHE_W
Value: XQmtwYAnhohd68
.postrelease.com/ Name: opt_out
Value: 1
.audrte.com/ Name: arcki2_ddp2
Value: bcb8qp4e4wvTvy7aMZJ4VIpHA!20220908!1704204747897
.tremorhub.com/ Name: tv_UICR
Value: k-Rv11m2b0DmYa2XYSRfIUSLhcvEy5-JbIQeUQCw
.tremorhub.com/ Name: tvid
Value: 2b4edd9393154e9ea7a8c3196357088a
.google.com/ Name: NID
Value: 511=CfRGtytu3GDZlytgTSUuCcJMfYM9WhoeArBC2i2dxPXOmQeN1fYsrUAZ8L0b6cLCP6_SkHS-GyVeKLdoA-csc2e7gGgvCMSkYOofVfSpf5bIQhIa8gtZ5eorrFjfUJPNQfxEf1BEBhrW4LSZQFtJvwt5j1xAAq3UTIH0AdhR8EQ
api.hcaptcha.com/ Name: hmt_id
Value: f9652c71-b17b-45b9-bbf2-26f48a5f2ea3

16 Console Messages

Source Level URL
Text
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=37949332820?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=37949332820?(Line 142)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other warning URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Message:
Allow attribute will take precedence over 'allowpaymentrequest'.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://idsync.rlcdn.com/398366.gif?partner_uid=8888949933311824082
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=8888949933311824082/gdpr=/gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html#debugMode=false&parentOrigin=https%3A%2F%2Fwww.marchofdimes.org(Line 2)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='), or a nonce ('nonce-...') is required to enable inline execution.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-dCCX1wx7t8U8ZnoPtvgXl0DpbsY5y05zK80o/+TdjlA=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8832015.fls.doubleclick.net
a.audrte.com
a.twiago.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.doubleclick.net
ad.ipredictive.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
adservice.google.com
amplify.outbrain.com
analytics.tiktok.com
api.adrtx.net
api.fundraiseup.com
api.hcaptcha.com
b.stripecdn.com
bat.bing.com
beacon.krxd.net
c1.adform.net
cdn.cookielaw.org
cdn.fundraiseup.com
cdn.resonate.com
cdn.taboola.com
cds.taboola.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dynamic.criteo.com
e.acuityplatform.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
exchange.mediavine.com
fndrsp-checkout.net
fndrsp.net
fonts.googleapis.com
give.marchofdimes.org
global.ib-ibi.com
go.marchofdimes.org
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hcaptcha.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
insight.adsrvr.org
jadserve.postrelease.com
js.adsrvr.org
js.ipredictive.com
js.stripe.com
loadm.exelator.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.contentexchange.me
match.sharethrough.com
matching.ivitrack.com
merchant-ui-api.stripe.com
mug.criteo.com
newassets.hcaptcha.com
pagead2.googlesyndication.com
pay.google.com
pdw-adf.userreport.com
pips.taboola.com
pixel.quantserve.com
pixel.rubiconproject.com
play.google.com
pm.w55c.net
ps.eyeota.net
px.adentifi.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
r.casalemedia.com
r.stripe.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
rules.quantcount.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
secure.quantserve.com
sentry.fundraiseup.com
simage2.pubmatic.com
snap.licdn.com
sslwidget.criteo.com
static.cloudflareinsights.com
static.fundraiseup.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.outbrain.com
sync.teads.tv
t.paypal.com
tags.bluekai.com
tags.srv.stackadapt.com
token.rubiconproject.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
ucarecdn.com
uipglob.semasio.net
ups.analytics.yahoo.com
visitor.omnitagjs.com
wave.outbrain.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.ru
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.marchofdimes.org
www.paypal.com
www.paypalobjects.com
x.bidswitch.net
ads.smartstream.tv
104.17.71.206
104.18.13.242
104.18.36.155
104.19.218.90
104.19.219.90
104.26.5.251
107.21.19.202
108.157.1.118
13.107.42.14
13.248.245.213
141.226.224.32
141.226.228.48
142.250.181.230
142.250.186.66
142.250.74.194
15.197.193.217
151.101.1.21
151.101.1.44
151.101.129.35
151.101.64.176
154.59.122.94
162.19.138.117
164.132.25.185
172.67.72.38
178.250.1.9
18.159.136.150
18.193.153.136
18.195.8.215
18.203.91.219
18.66.112.57
185.167.164.39
188.114.97.3
192.229.221.25
198.137.150.201
198.47.127.205
2.16.164.8
2.19.120.77
2.23.197.190
216.46.185.182
216.58.206.38
23.213.165.149
23.213.165.82
23.218.208.23
23.32.185.35
2600:1f18:612b:4200:a2e1:966e:301b:d0c0
2600:9000:2190:1600:1b:5138:8a40:93a1
2600:9000:224a:5600:6:44e3:f8c0:93a1
2606:4700:10::6816:4245
2606:4700::6810:3865
2606:4700::6812:83ec
2607:ae80:4::25
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2003
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:400c:c0c::5c
2a02:2638:3::c
2a02:2638:3::e
2a02:26f0:3500:11::215:14dc
2a02:26f0:3500:16::215:1490
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::300
3.121.27.153
3.123.235.147
3.65.6.17
3.71.149.231
34.117.157.22
34.243.165.208
34.250.183.118
35.190.24.218
35.244.159.8
35.244.174.68
37.157.4.28
37.157.5.133
37.157.6.234
37.157.6.254
37.252.171.53
37.252.171.85
40.160.4.235
44.240.143.252
46.19.11.36
52.218.112.163
52.28.181.94
52.30.133.211
52.48.216.154
52.58.206.230
52.73.161.34
54.186.23.98
54.194.99.174
54.229.8.219
54.76.135.177
54.78.254.47
63.35.246.168
64.74.236.127
65.9.66.113
69.173.144.139
69.173.144.165
72.44.44.12
74.119.119.150
77.243.51.121
77.243.51.122
85.114.159.118
85.215.5.31
019696b175f8558a9f629b596b30b4715bf1219fbee3e3588dbacfb1582df84c
02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87
03997c1e2212aeb6e2ad8dc8b2343ed6179226fddaa3ec6069d2cb59b37a8ca2
05b738465c25ebf51524e027d957e52b2b0e10e92952501a908f485c5030297e
06a1918709ba854bcfe97ef585a6cd91c56671b6d23c7ee5ed5177ad97e67243
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
0759fd6bed5370e4bc3c573dedceaeef9d7b64efc7343a10d0b147ac0b04ad53
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
0bf7bc0004aeb0dc1b7bb23f128ac24f0302a776cd1950295bc6ffae6e990bf2
0c44eee2a7a61e0ee06f0278ff7d01069ca06138096b8d7b13edb84532ca3fb7
0c96ee297df66fbdf05831e5f6ab322447131a2a01a8e953f79254bec58e7dd4
0d6e464f30b577bb2f06e2683c28d6608ba8d37d4e718cfe997e6102c7127dcd
116448ff3191f74560d6d91c76cebc18ec741564aa62d5c6f8bdf8f611e8a2b7
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
16b59918ab6733c57a8a7a9d6a1968d29e79df70c67909ddf241e029d0c15230
183d1f7f458dfc35496d9eb446598b1b96658ab4dc316b23cea4cd7bfcd4c8ea
18b65fdc6da2826c107418e5c689078ff47b54e7f2fc690546c33dbd3b343125
1c2e62deea90ad8ea208037abde538d6100d5a3efce136c89e64a80c1b1c6b07
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1ded1815d04f8d9199091223c6862c3942b4cf3cca05a58370bc3b6ce271fe10
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
218b91569ad8f0a5cf1aba89f3957966ecffb7b5852ca25b709bd8f887a00c90
225cd565a241fd2329d7fbdc32be0c9d94ac4692b5f9b507454604980a418c70
23098142daf44c1cb7d244684146fb6ecb0568274118ae3f62cef67034551ef2
23aa875faf380e6fc17fe623d2a768951cfe504772d40b55ca4dfb7f1e133b84
24049fb41335d87d82a9faea10cf9aa2a0ef868037667b029d2953a940cdf67b
259377c9eefef6dd16af878a4bd9003359ec839dbb67b28dccc53953d9d530ab
25c3a3c0aecc1c3cdb989b17c48a9a75970beb6343e0df0c2651ba5eb75c900a
26dd3e70c1aa731ac4c5a27ac65c200ceb2756eca0ae5862e8fab8b7d4985dd0
276867c5c3ce0b2f35e900e8e9c73fa7dc25a53802bb365f2d20642fd253f79c
2972ea87cd5c4adceba0baf8d735c0dae6512fd7bb276586f5ef9b707b2cde92
2a79623b8606d1583bada494ecdaac61b10440ba7a0da23185892f9d86f172dc
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aa9b0ccf31fe34e187c3b09bec7e9d8fccdeb48a5b2223d9f80df2a8790a6af
2ac93c14f7863cc7b7df8e279a534c4940cae9a66ae48192761c6b7c5986eee2
2ad0e088bb0c6a3f8acc32a2f155b995dbb261c11da392a3245e42df358cc8b2
2ceee682f306a64e8cf1b48d513f71a81dc852709cf2b36b3d9b3719fac0b0fa
2d414e5f00e69a14d9e552014d9f932df7c40b618b2904726170fb689ef8fe87
2ef2c5006d77dd38e61d2203b12ef392c988f974642be48a54fc734c6a99136f
2ef8157e67410dfc9624b8a438e6982bb8aa002e13cd3da6a42bea94422a6c10
2f41ffb95941975651275eb091c39bd5401f76ac58f85b5b44af419d625308f1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
301850f8ca8b8c106497210d9d78aa7b4e1339f42f01aebff119f7f633984966
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
31c9ef99aae6896ff764e44f3cc121359d2a42dc49389a16a8b236f6e8aacfca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c2ce3fc3f9f303fb23219d570a67d0c55951c3f6c81b25e440ba6fb68e60d9
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
337738b644c1b01e37308c9026995b63c20387f9bc8f219cb99f72eb3b23f35c
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
368dd7da190a6dab28436caf13245f59879fdb08fb07f4bf0b9e5f6b6e4fe7d2
36fc9410b3f02fdce5060168717a2182c1275ba8f116f257661b6deaa2851ee9
377a6ada8b0adaf4e37c51a736bda1e6a66e2339322ce58193e81d5909ee2fb3
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3a06c60d0bdaeba9a685c6b98ec4108e8358606ae608bc2866b3873ba36e8be5
3de7a0f6d4d192cc931ffc60dcd9c41cf823614d8fe3264c7553611853a2dc52
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3ed0a4e695771f9903b95ac84166dbb8b89a5f6ead020bdba7fccce3d082e2f8
3eeaf7446956d4f52db0d9d320988723bec23129315a8daedf665bab334d6b21
40f7997ff37aac676d939dbdb0d33f6381fc5b66de4e4c79240e6e9503b14c15
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
420a436e0e9e1c48a2f9ce50b59fdb2b805d0274cc20fa569fd1726c4dbf90e9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4471ccb98d7627f19e1fd997e5562b4be936baf86b6597eb63330c6843fc59c1
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
46ffa27a716a55780501f5d6711c054bdb1772174f1076dc0e49dee9b00648e9
47a019a4a25f09f59e801a8b3d77f63a3a975a4c763f8430defa7987e14d7d64
49e6f18090a8c3b811e5d7d50a1cd9e83272f1ecbea95624373950070500a90d
4aa2fdddfcb25552a1713673a954bc864de1a7b22dc0ebe664fe8ddb6bcb21ee
4b57a6d97fc4340e01339086713fe15bc8c6bace25a8fa8b8682558c953c444a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc9b49ae6ec81de78cb07234ba748e5f186b819079eca3e7e82db4690641275
4c73ae3eda72c7eef8b13c75031180df1d81626dec2a68a846094d697fec3546
4d663da5e7f6fe773fda5fe642d04a71cd988f1132b343edb5be914d44a1f534
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7f6cd883b421b03d88891e93891fc89bd7e4cde0266009f72250f0092302aa
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50db2a9aad8e33d5b048ace1dcc65f67f698d6fd0cb35f42dae7088019d957ea
50f05f7eb45978ec7ee7925ccec9cda4bf89ae2a7d91743707f0560e018ee130
517aa5c6549c92ef5244d8e9df5d662310d50ca9419b12b9157e67ff640be3b8
52142e0671ba7294da28434e2a92636b8848c1fe284fe09543c4e8f7e4716d11
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55934d27fdb4a14ddc59cac40e940a9c8100acc76c156e9be5f3b9c0dff6569f
564997debc20f446a4f38720248e1dbaaaa15ee5e40de23c946a0af7aadc6b47
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5778754fa488cca8815535c8e42d4d207701e175e1898e1ffce43e6abaf218f2
5ab11304d671d352bac6554d49fffd0f81d7ed1bced6bdf9c021e6e0fa538494
5b17a420163b181948e21b8a69880c8f8098f369084006bfa920b62194ff3c81
5b97ed17e8a18001ccf3cc6303ebfc6e1a6f34a266887509fc1808e3255b4625
5cc76e7f5b027b2566d97e2701af7b605a376c4a0487302d2634bbceb67eb349
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fbdec47eb761902c4f7d14ccd5a3b97bbaca6a18d485482157fff7f97684d3d
5fda46ad6de82ed65908428f090ab3cb24da2b2ab22e3f19e2713e94eecdc907
6109a9264c6bb75eaf69d45fd3fc6f193794adac940245584a014c10d334dda5
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
642c3f67dbc0d646b7d2508b081e0a6040a7be94478f0cd6d2a6de21f5d11ed7
642d50bf95258a7181203326b05c08982dc5298ff21982594594a2ece141bed8
6432a66c7d8240059ca76b571620dd0f54b4d3a5dc05fccf8cff7c8304bc9493
67babd89dd5d6e783cbe7ba05cb7d77c2c3ab7bb0b3ba87b185b391a21e8cc35
69023f3a1a61e70282d1cc35ee1926b4cca01d0e49e45f2b19d7b5c48f09a84e
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69c942423058ca7c0d54a661d67cded9d06b9f030dd45e434bcc72cd150e7e92
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1dccb5a273ea2fadd2437f76d7e4b897e7c5f461f52c0b72cc7e74db13cca2
6cc4700b8677a899840ce32bc6c1b5d5405e5d7f2e14a338ed95e4fe40a2bb96
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6ec65ff8562887c03245269b73d1ebb60f6f619d9bad49c6ce2c956e7a0826f4
711a23aa01c797384574ae1a5d558ce2aab4c91feea32385905352bbb073722f
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7176a2935514018f4c12a99dccc108407f9f4bdd7c1be1a097cbec7a90fb7542
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
72dc9df0c7e98313a61f28b2ff1a5d8a00910092fd9a033367df9760d1831096
732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18
75c911d121bdba9548b91e8a057bfae7edbebe988a7423821fc7d4c090c64b92
7a5d1a8956ee3f319edea53bf11ba07988f8c6a0b6204633cee6a41b4b216127
7d8bc29adacb326bf54e884aed1210338f81a18db849a9405227d0ce686bc066
7fc32122bb067a632049eca1df259c6b13835531980433d5cdedeea47de3d81b
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
8166e6a7d3fe9fdc26b2f8a0bff105a647c884e550c57225b9cc660d0be6b278
81cde3f01b38120a310a1511896c42f68a46f83b6a5ea874ca447de65563cdc2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
893e6c401a64d29be92bdb793decbf1b21a067cd8a8102aa3679c34b010f17e6
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b21363e68e52f1ba52f2f292a183e39f00372c248ecfaf0c5c1fa671ff46a00
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e758310065d56c81731fadefacd48f77fe962456070bcd42b4fab78e044a69d
8eeb23a1dcd42802d5d861556c6ae4848a05fd28cd22bb8ed884015b62eefd9e
93c5227d4b92b60f8790c0a2324c492f61bbd60a39b73006e8297b3e8c0a15c9
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
94a7328f1947124f4304736cdcb0f157b21e78b6fe2fd2f4b4f856d29dd17c06
953f9b32c98ddd81c39d60ec73e011f9ec606f84eca290d929e0870b0c40f4c9
98b2231b86974817ee296cd79e82374ecaae68b096638100e4bdd0b0386a2997
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99ebb532259a75968ccb5672ca994d8830a815e68b5d9b4304dd5fab2d0ac97e
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
9fb218a2b6a039eaf89cbd37cd1555bc0f0398efdffde33a410990feda30a3c6
a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a5c25d6c7c32ace82a47c825606f5effd4d40903a20b6f5dbfa174952cf7c0b3
a8d1899616f7faed05f6e3a3bc1ccce7deea62f492fe69342f7a450507d341ae
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce
abca992fa4e621e1b432acbd7111a6c3561a508229e1ae32873531feb1d24a17
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
ae4ad442fdfac1ade543efd816459a6dfba4aeb6583e6e8cc17aee1dfacb65d4
ae885067159b6a4c7f153446d01bd1e0405d0acd180089840397091758a42695
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b391e1f8882d44122506348fdf5a9aece3b04cbc5b3148aa1f12e7edd9658bb4
b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1
b410913850321efd333e39ddf1a5d49a433b29721126ec6d785f8f039e98bc32
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b596c15fc92d124e18473ffa1d9529ea88cf1918efa33f00447fee4113a68338
b73c2239b5b0ae6e051cb135734dc2101aeaf9032dd6b2c29ce9679330fc0bd0
b81f50d6d819dd6d6aaf0cb6402329f0479c734ad2f0918eb9f8366b66f78c83
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
b98f3a71675b4faaad62f41054c4a19d90f3a2a4918ad74a0d18f1d8a19e2866
b9eb41bf7e413dc318aa1937cfd9b012bffe35a639cb41b78070f8af45166618
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
ba78a42c26ef8c9a2bcae61fbd1c16a11452c27b22ba6dbc59ea623bea5ed00a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
bb83ac4c1a72227dd5036318370e6523f7a06d0e9f791efb6f6fe34b22621ce5
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
bff4e5a01e8dd93a69abd5a5531d53cd891f65134c552718134e0adeda2be295
c09f9bc171c32544001b130b5ed1f7f2e2b8c1ac817823452288bc678afc57e6
c0c067d3512326ee1d73cce9dccbb1bb59c24b279df3ea650ddf80578182bda6
c0ee34fcf7db9c8bc2412f47c264d8de575c2d477198cabc635ba538ddcd77f0
c1d98bd93954fa54a8e61077fcb5eeef2324e6b31f3a85f2b25ea0e0673a6ddc
c1f92dcc7494187b5787cabe4834de25f4502ff2aa4228956b919785118df04d
c3c193a2e64fe803deba1f8c52fbec46e6a2089c546d8b18dc1f9a56ec4ca692
c4dc9f56ced90cd16e3f880a98f0c4a68a924def1574472a0e41865a59db6148
c50703a9859028e070c5ba54517ac39c873fcfc5015907f5dac21c78648ccbdf
c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f
c963fd1212d60ca1c683bccb3c3ace830cdedc1dccf7256c112a9708f9e7cf88
cb48d9e8351750646223a61d5868a0eda7972e2ea278c69677577300810b0ad4
cb6f9e60e6bf41a5af731690552807e6e4ca7be8994fd8804b9cf15592d3ef5c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1802297dea21b3e6a860ccb64dac092312598f1743b8b6b9dd6c30adb4bfe45
d30717f2e8dc64c231e7f24843ca4ba6c9076d5e838b08e4d6efc0ee66b9f9c6
d319171b6b6a8302b775fac4701505feebff71b61372b08420bb3a57427b04f9
d39f145b7feb7e628cdfa928519e445055f49da5df66d75d7cf0c993045dc2b2
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d3f7e24515a6e8e17332b556ae1a433f0b6e00cdaea90167be98c2734b0049a0
d4660c763169716a38ee1153d2cc4eca87ca421195d67bd89ea964b10bfbacac
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
db2fe02b994fdded9fe3acc3f595150e738f4a0c34d9a41e76a6627be26b5352
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df9d8e18a3cec3afcf01338e9a26209eeb89e3d0eaf97f0d5298f039776ffc8a
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e075f28fdbe1022cf21aeb519452e25954d40efb2e46efaf59608bfc7323971d
e2717d806962fe1e4c9810ca869fb82c8bbd86638ca6787d01ff8c947c20df3c
e2a900b2a6524b9f6a640eddeda6e045bea4aff194c9203ea660e6db5743b69b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46de8ce43bbbc4282b65b9805f4f7c462f812ce23b615379b468beb09a989a7
e50d15896eb602b52225697467a0e13195cddd10423d86ccafc7598f8a6a6111
e7e7f216e2add2e5655784665bea48f8efed39c8be96c40782b3f0cf84df6bbf
e944de09b6e048d89b1dff57baf718b2ac1dc0d273e55560decb4c82cc828c8f
e9719b638317091bed0ab518c0ef99c5dbf1a3083d8b481673d376c47b3da124
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ebd6d32400095fb406e63e748a6a8451eb6cdefc0f57d5f3217de10fdc57b416
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
eefe1e7d99ab4810bfb479ff54c275efb459b6ae9abfebfd221c4a518ead27d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16ade3e5da5d485764a1d4ca2aa3f94f757b785195b04d391de88680adf76ea
f300f66c1304e23bfc15a23908129f0b10ff24c89f5a2727bc52735acda82d57
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf
f55809ae21d5dcfb8a6e01596d12eb88c0630f7e0aeff4c285b981df7864aed5
f749df1a4db9a53002a1c7f3a6f564ce0a14bf1c60e70c17fdf20fbb5fdd9e02
f8cd06506717ca4b233b2fd62746d5a39c9230b4ea3c4bb56206edf928ed8d05
f8e7a944adcb9d32eaf4e2f6e85cb7d1f9029b74de22ad7ff2d46ef82b189c95
f9b9cc3eed515e5c04de37db3a5335a27e86497f2dc8d89a32627c4546b815b6
fb0cb0148358f8b188680cafe99411d32bd1787ae68803f43c71603681d8f0de
fbfcec286e36b8f4223b247ba7988be0fa69dbc6938fb81707f84d3993663d98
fc3a41aaf9de8dcdbb1aa7c552942868390ff131f4ae48acd79df9d5a7ff996f