kidsforkidsnyc.rallybound.org Open in urlscan Pro
52.188.24.159 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r20.rs6.net/tn.jsp?f=001V6zAmRflWccwfiN2VSY1lf-hRGCpsWnt2xQLMXNGSO5zpm_N8pIsXK3MM6iHzIRlPv3JwSILh9iCyrNTvhyT...
Effective URL:
https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Submission: On March 01 via manual (March 1st 2024, 8:46:13 am UTC) from IT — Scanned from IT

Summary HTTP 113 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 113 HTTP transactions. The main IP is 52.188.24.159, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is kidsforkidsnyc.rallybound.org.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 16th 2023. Valid for: a year.

This is the only time kidsforkidsnyc.rallybound.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
8	52.188.24.159 52.188.24.159	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
14	2600:9000:215... 2600:9000:2156:e000:d:7e10:cb00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
18	52.151.222.61 52.151.222.61	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f08... 2a03:2880:f083:10e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:400c:c02::5c	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
12	52.188.247.144 52.188.247.144	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
113	17

1 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)
PTR: rs6.net

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.188.24.159 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

kidsforkidsnyc.rallybound.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:2156:e000:d:7e10:cb00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn3.rallybound.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.151.222.61 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

payments.rallybound.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:10e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c02::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.188.247.144 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eastus-0.in.applicationinsights.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	rallybound.com cdn3.rallybound.com — Cisco Umbrella Rank: 388271 payments.rallybound.com — Cisco Umbrella Rank: 890200	2 MB
20	google.com www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2808 play.google.com — Cisco Umbrella Rank: 32	467 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com	750 KB
18	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 682 eastus-0.in.applicationinsights.azure.com — Cisco Umbrella Rank: 82076	272 KB
8	rallybound.org kidsforkidsnyc.rallybound.org	217 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 368	55 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 746	9 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 177	90 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1973	318 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	182 KB
1	facebook.com graph.facebook.com — Cisco Umbrella Rank: 127	688 B
1	rs6.net 1 redirects r20.rs6.net — Cisco Umbrella Rank: 8508	405 B
113	12

	Domain	Requested by
18	payments.rallybound.com	cdn3.rallybound.com payments.rallybound.com
14	cdn3.rallybound.com	kidsforkidsnyc.rallybound.org cdn3.rallybound.com
12	eastus-0.in.applicationinsights.azure.com	js.monitor.azure.com
12	play.google.com	www.gstatic.com
10	fonts.gstatic.com	fonts.googleapis.com
8	www.gstatic.com	www.google.com pay.google.com www.gstatic.com cdn3.rallybound.com
8	kidsforkidsnyc.rallybound.org	kidsforkidsnyc.rallybound.org
6	js.monitor.azure.com	kidsforkidsnyc.rallybound.org payments.rallybound.com
6	fonts.googleapis.com	kidsforkidsnyc.rallybound.org payments.rallybound.com
5	www.google.com	kidsforkidsnyc.rallybound.org www.gstatic.com www.google.com
3	pay.google.com	cdn3.rallybound.com pay.google.com www.gstatic.com
3	code.jquery.com	kidsforkidsnyc.rallybound.org code.jquery.com
2	connect.facebook.net	kidsforkidsnyc.rallybound.org connect.facebook.net
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	kidsforkidsnyc.rallybound.org www.googletagmanager.com
1	graph.facebook.com	cdn3.rallybound.com
1	ajax.googleapis.com	kidsforkidsnyc.rallybound.org
1	r20.rs6.net	1 redirects
113	18

This site contains links to these domains. Also see Links.

Domain
policies.google.com
neonone.com

Subject Issuer	Validity	Valid
*.rallybound.org Go Daddy Secure Certificate Authority - G2	`2023-05-16` - `2024-06-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.rallybound.com Go Daddy Secure Certificate Authority - G2	`2023-04-18` - `2024-05-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
js.monitor.azure.com Microsoft Azure RSA TLS Issuing CA 03	`2023-12-19` - `2024-12-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-09` - `2024-03-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 07	`2024-02-15` - `2025-02-09`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Frame ID: 4D1C93E1452DF6592951873DED97ED1E
Requests: 44 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3
Frame ID: 579A1D12E15C61B4E87BDD7ADF85E289
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9raWRzZm9ya2lkc255Yy5yYWxseWJvdW5kLm9yZzo0NDM.&hl=it&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=vu3mpzq0kqvn
Frame ID: 3D77ABF05F459A4D5F1BDD0CD9CE2C8A
Requests: 6 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&mid=
Frame ID: A51FD51629EC4E88141EFF620EF88C8B
Requests: 12 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1
Frame ID: 2CE9574B57EE73876391BE091441BD9E
Requests: 9 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12
Frame ID: 8366F3B561EE579160E21AD933CD9349
Requests: 8 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10
Frame ID: 53127BE9AFBA946A6748B89DC710A7DC
Requests: 8 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20
Frame ID: E2433B366DD3759190162A905BB87146
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate - Dance With Me Dance Center Fundraiser

Page URL History Show full URLs

https://r20.rs6.net/tn.jsp?f=001V6zAmRflWccwfiN2VSY1lf-hRGCpsWnt2xQLMXNGSO5zpm_N8pIsXK3MM6iHzIRl... HTTP 302
https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

113
Requests

100 %
HTTPS

78 %
IPv6

12
Domains

18
Subdomains

17
IPs

3
Countries

3817 kB
Transfer

7157 kB
Size

12
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms

Search URL Search Domain Scan URL

URL: https://neonone.com/products/neon-fundraise/

Search URL Search Domain Scan URL

URL: https://neonone.com/privacypolicy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r20.rs6.net/tn.jsp?f=001V6zAmRflWccwfiN2VSY1lf-hRGCpsWnt2xQLMXNGSO5zpm_N8pIsXK3MM6iHzIRlPv3JwSILh9iCyrNTvhyTbz5vLpNTX0SWvPqpUwMCBxvc_XndnvwAUEsUc7C0RbjPsfMugiW_zOREjDAcuyuaxexttQzhL_Z9XjlOYB_S0pNBt910NXmV2poK0APULXzwzBl6S8RXnrh4p5xGVNS8WpzikBAmHAjgl7z3Zq9_R9sdRETif07SDhQBQJukoS_4KHryAItBj7MQPVRJ5SrTMT5HedvS1t_l&c=xKyCofi-lJtRYzLIcJ6ArgMzsOlmXjL2Ob4pS0CbwbDxvVGslNfaYA==&ch=i3KeexiqbBDz6L-7yd41RSMBlJc4DfKQZDmkpnOzQcn9myhdiwwOeQ== HTTP 302
https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

113 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Donate Show response
kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/
Redirect Chain

https://r20.rs6.net/tn.jsp?f=001V6zAmRflWccwfiN2VSY1lf-hRGCpsWnt2xQLMXNGSO5zpm_N8pIsXK3MM6iHzIRlPv3JwSILh9iCyrNTvhyTbz5vLpNTX0SWvPqpUwMCBxvc_XndnvwAUEsUc7C0RbjPsfMugiW_zOREjDAcuyuaxexttQzhL_Z9XjlOY...
https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate

109 KB
110 KB

505ms
159ms

Document
text/html

52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.188.24.159 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4958084560bea97f98754b33b4f2ea63eca92d04280d9b0586b38e16c7723d12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' admin.rallybound.com kidsforkidsnyc.org *.kidsforkidsnyc.org; report-uri https://rest.rallybound.com/api/cspreport;
Strict-Transport-Security	max-age=15552000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-expose-headers: Request-Context
cache-control: no-cache, no-store
content-length: 111747
content-security-policy: frame-ancestors 'self' admin.rallybound.com kidsforkidsnyc.org *.kidsforkidsnyc.org; report-uri https://rest.rallybound.com/api/cspreport;
content-type: text/html; charset=utf-8
date: Fri, 01 Mar 2024 08:46:07 GMT
expires: -1
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=15552000;

Redirect headers

Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection: close
Content-Length: 0
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 01 Mar 2024 08:46:06 GMT
Location: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
83 KB 139ms
57ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KYX847QR49&l=analyticsDataLayer

Requested by

Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0947330ad485c59aa70662f393c83b03f7d8edf925b7997c71a4b1ac91c0d468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84793
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Mar 2024 08:46:07 GMT

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.11.2/themes/smoothness/ 34 KB
8 KB 55ms
16ms Stylesheet
text/css 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.2/themes/smoothness/jquery-ui.css
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:07 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 14482140
x-cache: HIT, HIT
content-length: 8056
x-served-by: cache-lga21964-LGA, cache-mxp6942-MXP
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1709282767.251186,VS0,VE0
etag: W/"28feccc0-898c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 71, 2513

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
867 B 166ms
85ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Requested by

Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8fe5effa3de4e73408fd03c8fd4bbdfa973798ee2a8d2f68159c90bcbdb8db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 08:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 07:33:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Mar 2024 08:46:07 GMT

GET
H2 200 alldash-fonts.css
kidsforkidsnyc.rallybound.org/Content/Global/css/ 5 KB
1 KB 231ms
229ms Stylesheet
text/css 52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://kidsforkidsnyc.rallybound.org/Content/Global/css/alldash-fonts.css
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.188.24.159 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fc2e5798ba2f836daefe1fa3dbcabc1a80a7f918495b8cbbdd10fc5fb7f6b2d6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:07 GMT
content-encoding: gzip
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
etag: "0f6f0fae04d71:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 1125
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 27813.standalone-override.646DFD3B109840E924995A79E835C5E3.min.css
cdn3.rallybound.com/Content/css/ 416 KB
417 KB 346ms
230ms Stylesheet
text/css 2600:9000:2156:e000:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/css/27813.standalone-override.646DFD3B109840E924995A79E835C5E3.min.css
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1d49e1c68b308e43911ba41286fc004da66cfde547c62e221033dc6219da4c5d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:07 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
last-modified: Thu, 29 Feb 2024 12:36:16 GMT
x-amz-cf-pop: FRA50-C1
etag: "fe8db2e3b6bda1:0"
x-cache: Miss from cloudfront
content-type: text/css
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 425878
x-amz-cf-id: dpb3aOSghDYzHFJmCMUbbwQJrN3bTfBevOC4DHmHk9dASF987J25hg==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js Show response
cdn3.rallybound.com/Content/js/ 122 KB
122 KB 150ms
34ms Script
application/javascript 2600:9000:2156:e000:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4122ec76cfe36f6e64359e81f16dc9902781dae082df0f497232692792485ad8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 05:17:08 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
last-modified: Wed, 20 Sep 2023 04:17:20 GMT
x-amz-cf-pop: FRA50-C1
age: 14095739
etag: "82de6f5979ebd91:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 124532
x-amz-cf-id: k9-jtiwyWZVG8OXA0656dHtJyzUUEnmP2J3_Is0ZAizrkPWDR8SpOw==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/ 197 KB
52 KB 96ms
30ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/jquery-ui.min.js

Requested by

Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72d9830a52597d534ae8f47eabb35eef20d343180a2e06417b7aa9784fc8e40c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 04:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52222
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 04:01:48 GMT

GET
H2 200 terms.E5DBB1D66AD3B4BCE01710A87C6AC007.min.js Show response
cdn3.rallybound.com/Content/js/ 175 KB
176 KB 185ms
70ms Script
application/javascript 2600:9000:2156:e000:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/js/terms.E5DBB1D66AD3B4BCE01710A87C6AC007.min.js
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dc816420871def2a073fc576b23e023032e07bb1b800e9246280cc73bd2e7908

Request headers

Referer: https://kidsforkidsnyc.rallybound.org/
Origin: https://kidsforkidsnyc.rallybound.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 05:11:59 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Thu, 01 Feb 2024 05:05:02 GMT
x-amz-cf-pop: FRA50-C1
age: 2518448
etag: "b73ea236cc54da1:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 179357
x-amz-cf-id: LAMReyK1YjYU58Q_tVbp0Gdv63qnoqgZ9ykK28YT4ecFIYeRRvXiRQ==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 mobile-detect.js Show response
cdn3.rallybound.com/Content/Global/js/ 73 KB
73 KB 149ms
33ms Script
application/javascript 2600:9000:2156:e000:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/Global/js/mobile-detect.js
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 85926acd66622d5a7ead093a3910facfe721a772b5f855b22c25e639e90ede05

Request headers

Referer: https://kidsforkidsnyc.rallybound.org/
Origin: https://kidsforkidsnyc.rallybound.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 25 May 2023 06:38:59 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 03:57:17 GMT
x-amz-cf-pop: FRA50-C1
age: 24286027
etag: "56d595fbe04d71:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 74643
x-amz-cf-id: pbSt3DIpR9RirY9TB7QqbaFOuYsipHsc8rN6wSS725KEIKnj5yN66A==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 v2-main-top-w-standalone.E6A7081106C94CBC4C6E2EA19FA7633D.min.js Show response
cdn3.rallybound.com/Content/js/ 276 KB
276 KB 228ms
113ms Script
application/javascript 2600:9000:2156:e000:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/js/v2-main-top-w-standalone.E6A7081106C94CBC4C6E2EA19FA7633D.min.js
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9db93d306ed7a1c0b7c1657f0c98a374501ef4d520e5bda71724bcdb952b17ea

Request headers

Referer: https://kidsforkidsnyc.rallybound.org/
Origin: https://kidsforkidsnyc.rallybound.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 06:01:44 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 05:54:21 GMT
x-amz-cf-pop: FRA50-C1
age: 1392263
etag: "59b4aa41a5fda1:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 282172
x-amz-cf-id: _OSufns020IkFwQIQX-8w7Zv6QI5w6WdeYYkYLRdnlE4NH6zW8zL8w==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 128ms
48ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&onload=renderAllCaptchas

Requested by

Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2860fbdeeb3510d9654a22edeac988a71874f9a195152b49ea9c49c4763f5f08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 01 Mar 2024 08:46:07 GMT

GET
H2 200 kfk-junior-color.png
cdn3.rallybound.com/content/images/img/27813/1122950/w0-h90-keep-height/ 14 KB
14 KB 372ms
257ms Image
image/png 2600:9000:2156:e000:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/content/images/img/27813/1122950/w0-h90-keep-height/kfk-junior-color.png
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3ca46d2214740c90ad8aa9ef46da9aa01d8fce56f192a40706d0ac89b0e14480

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:07 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
last-modified: Thu, 01 Feb 2024 21:44:31 GMT
x-amz-cf-pop: FRA50-C1
etag: "2fcebbd65755da1:0"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 14334
x-amz-cf-id: ZT3FEhR7c1Lgcgq1l6zbsI8ikVcG5oWnnjHhiGHoXBiw-hDRLM29OA==

GET
H2 200 dc4617c5-e3b2-41ce-9658-6c44fd317e04.jpg
cdn3.rallybound.com/content/images/img/27813/1137895/w618-h270/ 38 KB
39 KB 265ms
265ms Image
image/jpeg 2600:9000:2156:e000:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/content/images/img/27813/1137895/w618-h270/dc4617c5-e3b2-41ce-9658-6c44fd317e04.jpg
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6146f430d55b3e54b8ad3711de19a7a881bb2bed68d87041f58595d2da73ecce

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:07 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
last-modified: Thu, 29 Feb 2024 22:10:26 GMT
x-amz-cf-pop: FRA50-C1
etag: "faebf6185c6bda1:0"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 39363
x-amz-cf-id: giJOANXpa01DGmu4o_CeLcW3fgyRG7qoDvWNXOMQWK41-2kJfUrS3A==

GET
H2 200 donate-v3-new.ED756148A914412F8625A8BDAAE0BF1A.min.js Show response
cdn3.rallybound.com/Content/js/ 321 KB
322 KB 32ms
31ms Script
application/javascript 2600:9000:2156:e000:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/js/donate-v3-new.ED756148A914412F8625A8BDAAE0BF1A.min.js
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1eb0b1ccf7a1cccbfeaed9736793fbebbe23f45e9ba1fa679ad76a70ac267817

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 06:05:28 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 05:54:25 GMT
x-amz-cf-pop: FRA50-C1
age: 1392039
etag: "5555c743a5fda1:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 329141
x-amz-cf-id: lDo6P5ng1q0lrkxJwA-IhaMfiNoFeiltyEp3Bpi5AxaPVZRBiT9-Nw==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 Gmail-logo-big.jpg
kidsforkidsnyc.rallybound.org/Content/Global/img/ 33 KB
33 KB 118ms
117ms Image
image/jpeg 52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kidsforkidsnyc.rallybound.org/Content/Global/img/Gmail-logo-big.jpg
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.188.24.159 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d16798afce9f21e80df5f3ff8a10b4583f07f89ff40b0a7aa8ab84893830c192

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:07 GMT
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
etag: "b49c5cfbe04d71:0"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 34151
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 Yahoo-mail-big.jpg
kidsforkidsnyc.rallybound.org/Content/Global/img/ 43 KB
43 KB 120ms
120ms Image
image/jpeg 52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kidsforkidsnyc.rallybound.org/Content/Global/img/Yahoo-mail-big.jpg
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.188.24.159 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3abb062bf7d12bf56c5c136ea9c9d640ccc11f7a113e8c3091c18e9953493a7a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:07 GMT
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
etag: "b49c5cfbe04d71:0"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 43836
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 AOL-logo-big.jpg
kidsforkidsnyc.rallybound.org/Content/Global/img/ 12 KB
13 KB 119ms
119ms Image
image/jpeg 52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kidsforkidsnyc.rallybound.org/Content/Global/img/AOL-logo-big.jpg
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.188.24.159 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6400897cd5da53a23bea537adad28096be10f73d24e8caf0b7d469555db4d525

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:07 GMT
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
etag: "a17555fbe04d71:0"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 12772
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 siteseal_gd_3_h_l_m.gif
cdn3.rallybound.com/Content/Global/img/ 17 KB
17 KB 27ms
27ms Image
image/gif 2600:9000:2156:e000:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/Content/Global/img/siteseal_gd_3_h_l_m.gif
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0201106038df301456922c2a5367249f9a0904ac57ff35f20641a2fe3ddc325c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 22 May 2023 07:58:23 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
x-amz-cf-pop: FRA50-C1
age: 24540464
etag: "418787fbe04d71:0"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 16946
x-amz-cf-id: NJd-w8iVS_QY5EzsiaCgRdIK6GPgViso0xKCAK6Vt0TBk87ybWOpYQ==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 on-dark.svg
cdn3.rallybound.com/content/fundraise/ 21 KB
21 KB 27ms
27ms Image
image/svg+xml 2600:9000:2156:e000:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/content/fundraise/on-dark.svg
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9db0d214e302091d8f91eeb2c8ce00c7e718941b3f9600a2b847104898f3c672

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 12:49:43 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
x-amz-cf-pop: FRA50-C1
age: 13636584
etag: "f97717fbe04d71:0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 21339
x-amz-cf-id: HMJ6lGkHi_lmU-nCgyoLk_0Aoh-mRvBzvoxH_01pEEGX3MzZNwjyZg==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 main-btm-v2.B2AC4A51DC2B6170E7C9E987F1124B72.min.js Show response
cdn3.rallybound.com/Content/js/ 13 KB
14 KB 27ms
27ms Script
application/javascript 2600:9000:2156:e000:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/js/main-btm-v2.B2AC4A51DC2B6170E7C9E987F1124B72.min.js
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f697abfe44d3f76eafaad4c72104effb51d7d3e8108876f989bf4aeb973d1389

Request headers

Referer: https://kidsforkidsnyc.rallybound.org/
Origin: https://kidsforkidsnyc.rallybound.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 20:35:54 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Thu, 28 Sep 2023 23:38:54 GMT
x-amz-cf-pop: FRA50-C1
age: 12831013
etag: "b26042f164f2d91:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 13448
x-amz-cf-id: GWlEWw6ZlI8PIL5BNEgX7saHn0K-EisSLEARTOqM0ShUguGs3ybzDQ==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 spacer.png
kidsforkidsnyc.rallybound.org/Content/Global/img/ 184 B
271 B 117ms
116ms Image
image/png 52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kidsforkidsnyc.rallybound.org/Content/Global/img/spacer.png
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.188.24.159 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 767ede4ae50d636fb229ebc63fed6a93e12067c52434a37f55c3eb93caea4421

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:07 GMT
last-modified: Wed, 17 Feb 2021 03:57:17 GMT
etag: "7be989fbe04d71:0"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 184
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 nav-bar-org.png
kidsforkidsnyc.rallybound.org/Content/Global/img/ 1 KB
2 KB 117ms
116ms Image
image/png 52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kidsforkidsnyc.rallybound.org/Content/Global/img/nav-bar-org.png
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.188.24.159 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ad4269a4b821427897a9544eaa3a79d43ac5e29a26e3bffb26a403e160d9648c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:08 GMT
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
etag: "bcfd7dfbe04d71:0"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 1517
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

POST
H2 204 collect
region1.google-analytics.com/g/ 0
264 B 84ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KYX847QR49&gtm=45je42s0v9119014892za200&_p=1709282767215&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=2083932699.1709282767&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709282767&sct=1&seg=0&dl=https%3A%2F%2Fkidsforkidsnyc.rallybound.org%2F2024-dance-with-me-dance-center-fundraiser%2FDonate&dt=Donate%20-%20Dance%20With%20Me%20Dance%20Center%20Fundraiser&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.94%20Safari%2F537.36&ep.etype=STANDALONE&tfd=1249
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KYX847QR49&l=analyticsDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 08:46:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kidsforkidsnyc.rallybound.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
99 KB 60ms
59ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q6PP8PXZS6&l=analyticsDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KYX847QR49&l=analyticsDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a4116a40a9e8b9bf9eaf4b5af1dcc722ad6e5643eaccb7b545baf3bb82c7dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101348
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Mar 2024 08:46:08 GMT

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ 120 KB
46 KB 249ms
48ms Script
text/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 19f79b5c8e190cb3ec9005a46a8c8f27d005399d4ada47916853e88290085e32

Request headers

Referer: https://kidsforkidsnyc.rallybound.org/
Origin: https://kidsforkidsnyc.rallybound.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:07 GMT
content-encoding: br
x-azure-ref-originshield: 0vJLhZQAAAABrGoy0jeckSIzl8VDC8PkrRlJBMjMxMDUwNDE3MDE3AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5: 2+CVLpI/+n4/WqDrTExBWA==
x-cache: TCP_HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.17.min.js
last-modified: Wed, 14 Feb 2024 19:25:27 GMT
x-ms-meta-aijssdkver: 2.8.17
etag: 0x8DC2D92B347C0C9
x-azure-ref: 00JXhZQAAAADkLMJ5pfZbTbJfNxc9aBXJTVJTMjExMDUwNjE3MDUxAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 85e8bcc1-201e-0030-49b3-6bb99a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 126ms
47ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kidsforkidsnyc.rallybound.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:08:18 GMT
x-content-type-options: nosniff
age: 304670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Feb 2025 20:08:18 GMT

GET
H2 200 recaptcha__it.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ 493 KB
197 KB 92ms
28ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__it.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=renderAllCaptchas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0941f8d51e37c1725a61d6ca1af2815f1b51c6f146b1761a7dfdcfd59135f5dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kidsforkidsnyc.rallybound.org/
Origin: https://kidsforkidsnyc.rallybound.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200851
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Feb 2025 20:24:55 GMT

GET
H2 200 blackSelMod-w.png
cdn3.rallybound.com/Content/Global/img/ 1023 B
1 KB 27ms
27ms Image
image/png 2600:9000:2156:e000:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/Content/Global/img/blackSelMod-w.png
Requested by: Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/css/27813.standalone-override.646DFD3B109840E924995A79E835C5E3.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d645ed2e72da8bbed4824b0adc7214794f7c29fac2ede1728b56ae54eea61d3

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn3.rallybound.com/Content/css/27813.standalone-override.646DFD3B109840E924995A79E835C5E3.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 17:34:12 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
x-amz-cf-pop: FRA50-C1
age: 14310716
etag: "ccc363fbe04d71:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 1023
x-amz-cf-id: 2glPOrdT99jvqde8skhVofF4CKNhKcg4vOR11XhMBjUQ-4XeYWf1tw==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 168ms
103ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kidsforkidsnyc.rallybound.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:46:45 GMT
x-content-type-options: nosniff
age: 259163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:46:45 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 190ms
125ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kidsforkidsnyc.rallybound.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:09:28 GMT
x-content-type-options: nosniff
age: 257800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:09:28 GMT

GET
H2 200 blue-cstm.png
cdn3.rallybound.com/Content/Global/vendor/icheck/skins/minimal/ 2 KB
2 KB 27ms
27ms Image
image/png 2600:9000:2156:e000:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/Content/Global/vendor/icheck/skins/minimal/blue-cstm.png
Requested by: Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/css/27813.standalone-override.646DFD3B109840E924995A79E835C5E3.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e98d83a980cf0254bc5414ba21000bc3f0ad82260054125cd887ad51b6a10489

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn3.rallybound.com/Content/css/27813.standalone-override.646DFD3B109840E924995A79E835C5E3.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 16:26:37 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 03:57:17 GMT
x-amz-cf-pop: FRA50-C1
age: 13191571
etag: "34e8a8fbe04d71:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 2036
x-amz-cf-id: kFP5MZY-TBryLgSJBqUAkrX_5ri2Oh4tjBhfE8QjMhbqklhJERY-lw==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 Root Show response
payments.rallybound.com/iframe/ Frame 579A 6 KB
4 KB 432ms
123ms Document
text/html 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/v2-main-top-w-standalone.E6A7081106C94CBC4C6E2EA19FA7633D.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

04b81374dbcdc6845ca69a458382cb679b4061790f809458231ccb459bd54dfa

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

Referer: https://kidsforkidsnyc.rallybound.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type: text/html; charset=utf-8
date: Fri, 01 Mar 2024 08:46:08 GMT
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport

GET
H2 200 ui-bg_flat_75_ffffff_40x100.png
code.jquery.com/ui/1.11.2/themes/smoothness/images/ 247 B
395 B 18ms
17ms Image
image/png 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.jquery.com/ui/1.11.2/themes/smoothness/images/ui-bg_flat_75_ffffff_40x100.png
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/ui/1.11.2/themes/smoothness/jquery-ui.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d8e11e60d4bea1be893967121726137eeca9ad95bfab62cfecf8e2fe20093c7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://code.jquery.com/ui/1.11.2/themes/smoothness/jquery-ui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-served-by: cache-lga21936-LGA, cache-mxp6942-MXP
date: Fri, 01 Mar 2024 08:46:08 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
age: 2074215
x-timer: S1709282768.195322,VS0,VE0
etag: "28feccc0-f7"
x-cache: HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
content-length: 247
x-cache-hits: 15635, 18

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 120ms
86ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kidsforkidsnyc.rallybound.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 05:34:53 GMT
x-content-type-options: nosniff
age: 184275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 05:34:53 GMT

GET
H2 200 ui-bg_highlight-soft_75_cccccc_1x100.png
code.jquery.com/ui/1.11.2/themes/smoothness/images/ 319 B
436 B 17ms
17ms Image
image/png 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.jquery.com/ui/1.11.2/themes/smoothness/images/ui-bg_highlight-soft_75_cccccc_1x100.png
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/ui/1.11.2/themes/smoothness/jquery-ui.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2f3146e65c7bfbd4093c2450eed21d3ab3ce24095b5077b4ff506b00112acf53

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://code.jquery.com/ui/1.11.2/themes/smoothness/jquery-ui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-served-by: cache-lga21932-LGA, cache-mxp6942-MXP
date: Fri, 01 Mar 2024 08:46:08 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
age: 257383
x-timer: S1709282768.196465,VS0,VE0
etag: "28feccc0-13f"
x-cache: HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
content-length: 319
x-cache-hits: 1352, 2

GET
H2 200 / Show response
graph.facebook.com/v3.2/ 277 B
688 B 400ms
313ms Script
text/javascript 2a03:2880:f083:10e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/v3.2/?id=https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser&fields=engagement&access_token=231770446863414%7C5So8vlk56QRtuBJ0M9YI-_i7qWQ&callback=jQuery17106906267714819949_1709282768104&_=1709282768191

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:10e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da0a995fc1e75f0a2805b0d7b0685047c2adfaaf196af6fd12aa89512fad57ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
date: Fri, 01 Mar 2024 08:46:08 GMT
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
cross-origin-resource-policy: cross-origin
x-fb-rev: 1011767228
alt-svc: h3=":443"; ma=86400
content-length: 178
pragma: no-cache
x-fb-debug: Oto1sQlA+DyR7AjXm0mBVA4QMW7lR3DGCUo/NFhGE8IcQub3nseJj2xNmwhwEpnjIwo7+MwTCuDMrQ2gMbGO2g==
x-fb-trace-id: ChhtNkwE1S6
etag: "ea166981b4a7412619c88df40f75c36617054ec8"
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AloDVD8cfPSpuZsEeXQn0Ei
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v13.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 91ms
37ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

363a77ca19acf57b28571828302a92c6e42fa606d4996b76f2f440b13c56e1bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Mar 2024 08:46:08 GMT
content-md5: R/UzXajNvFspNm9M0T1dpg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: A3MdziY2zzbhhmSFcqRp6Sw6/1e9TUuwiMW85WsK9f1LmAu1VeJOSMbF0ILSv5ZM3vSFXbuCJF/PG+NwKWt89w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 186448151cc0ec7395ec9905ccccac42
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "4e21dc4967a5a46d1b112c22fec99c90"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 01 Mar 2024 08:46:35 GMT

GET
H2 200 icomoon-alldash.ttf
kidsforkidsnyc.rallybound.org/Content/Global/fonts/ 15 KB
15 KB 119ms
118ms Font
application/octet-stream 52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://kidsforkidsnyc.rallybound.org/Content/Global/fonts/icomoon-alldash.ttf?-uvcgatt
Requested by: Host: kidsforkidsnyc.rallybound.org
URL: https://kidsforkidsnyc.rallybound.org/Content/Global/css/alldash-fonts.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.188.24.159 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 80f33eedf939e9024713705b0cb1ca111157591373faa0ef2ff5e8b6cd775277

Request headers

Referer: https://kidsforkidsnyc.rallybound.org/Content/Global/css/alldash-fonts.css
Origin: https://kidsforkidsnyc.rallybound.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:08 GMT
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
etag: "6d4e4efbe04d71:0"
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 15644
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 RallyBound-IconFont.woff2
cdn3.rallybound.com/Content/Global/fonts/ 9 KB
10 KB 26ms
25ms Font
application/font-woff2 2600:9000:2156:e000:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/Global/fonts/RallyBound-IconFont.woff2?jh5u39
Requested by: Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/css/27813.standalone-override.646DFD3B109840E924995A79E835C5E3.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8e78975558e2e47f28e6633039141c6c1295fa0fceb4e709fc3c68de875e0bd4

Request headers

Referer: https://cdn3.rallybound.com/Content/css/27813.standalone-override.646DFD3B109840E924995A79E835C5E3.min.css
Origin: https://kidsforkidsnyc.rallybound.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 07:10:02 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
x-amz-cf-pop: FRA50-C1
age: 20396165
etag: "e4eb4bfbe04d71:0"
x-cache: Hit from cloudfront
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 9716
x-amz-cf-id: tZ3z7eWgLDq5eTtraOa0Lwl8hCQSWqOFXQnefhCEln0uH6DlNppUeA==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 117 KB
36 KB 183ms
84ms Script
application/javascript 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/v2-main-top-w-standalone.E6A7081106C94CBC4C6E2EA19FA7633D.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7cdee22c53155d11e84b813cfdb7e937bea8d7fb8af904aa67266b2b418fc9bc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UuY5a_RsTO0MvnwuGMhL4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:08 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-UuY5a_RsTO0MvnwuGMhL4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjKtDikmII1JBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEG_38WAR85nOyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_FwXFjdtp5N4Mfu7ZsZAQuRMaw"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 01 Mar 2024 08:46:08 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 34ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Q6PP8PXZS6&gtm=45je42s0v875796034za220&_p=1709282767215&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=2083932699.1709282767&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709282768&sct=1&seg=0&dl=https%3A%2F%2Fkidsforkidsnyc.rallybound.org%2F2024-dance-with-me-dance-center-fundraiser%2FDonate&dt=Donate%20-%20Dance%20With%20Me%20Dance%20Center%20Fundraiser&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2061
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q6PP8PXZS6&l=analyticsDataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kidsforkidsnyc.rallybound.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 08:46:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kidsforkidsnyc.rallybound.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 303 KB
87 KB 63ms
31ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=269ba85f0c67cf837908b3017849135c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

896d24ea2efe83dd401c148f058d33b39d930844dc962e160924cb20602283a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://kidsforkidsnyc.rallybound.org/
Origin: https://kidsforkidsnyc.rallybound.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Mar 2024 08:46:08 GMT
content-md5: FgJd3hriDhgnYpjMY1a0yA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88666
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: LybFp8KckmlD0yak2EzG4XEUzYXV0HGyuKbc0bpH49gxoNu+O3wgFmDDJxtDcnuG9CP/fjPwto5f4D6kJHdxWg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: d03223d901f53e0843a215b01ce642be
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "29a3c09f3406e520fd0b6239ea08401f"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Mar 2025 07:05:31 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3D77 45 KB
29 KB 72ms
71ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9raWRzZm9ya2lkc255Yy5yYWxseWJvdW5kLm9yZzo0NDM.&hl=it&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=vu3mpzq0kqvn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__it.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2e4d44cc46de0bcee07a24dc58945986cbe103e7ef7a66f500fedbd4657a8261

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UYZu499wgEJoYU5w0SWYyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kidsforkidsnyc.rallybound.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-UYZu499wgEJoYU5w0SWYyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 08:46:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 3D77 55 KB
24 KB 103ms
29ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9raWRzZm9ya2lkc255Yy5yYWxseWJvdW5kLm9yZzo0NDM.&hl=it&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=vu3mpzq0kqvn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Mar 2025 08:07:32 GMT

GET
H3 200 recaptcha__it.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 3D77 493 KB
196 KB 112ms
44ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__it.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0941f8d51e37c1725a61d6ca1af2815f1b51c6f146b1761a7dfdcfd59135f5dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200851
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Feb 2025 20:24:55 GMT

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame A51F 19 KB
8 KB 244ms
242ms Document
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b066943ca33dc07620e244fa4b57994c23f9ae130634a8237ae913e0cf3735f1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-n9VSnc8M0yKFQnLMz20XHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kidsforkidsnyc.rallybound.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-n9VSnc8M0yKFQnLMz20XHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 01 Mar 2024 08:46:08 GMT
expires: Fri, 01 Mar 2024 08:46:08 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjKtDikmII1JBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEG_38WAR85nOyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_FwXFjdtp5NoOP4kYNMAAnVMWQ"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 579A 3 KB
540 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 08:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 07:37:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Mar 2024 08:46:08 GMT

GET
H2 200 main.css
payments.rallybound.com/css/ Frame 579A 4 KB
2 KB 242ms
241ms Stylesheet
text/css 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 30 Jan 2024 23:32:52 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1da53d4a4913b1c"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 3b.min.js Show response
payments.rallybound.com/min/ Frame 579A 107 KB
47 KB 126ms
126ms Script
text/javascript 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/min/3b.min.js?v=hY2cEKciDRLA1QVw2r-wcj1OLMqjzMKZpKcRg07_6EM

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

858d9c10a7220d12c0d50570dabfb0723d4e2ccaa3ccc299a4a711834effe843

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 30 Jan 2024 23:33:46 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1da53d4c4c142be"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H3 200 722MIWu_TMZiQau3mAaarHtCk2pd6rTYw5oNsH4wR_g.js Show response
www.google.com/js/bg/ Frame 3D77 17 KB
7 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/722MIWu_TMZiQau3mAaarHtCk2pd6rTYw5oNsH4wR_g.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__it.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef6d8c216bbf4cc66241abb798069aac7b42936a5deab4d8c39a0db07e3047f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9raWRzZm9ya2lkc255Yy5yYWxseWJvdW5kLm9yZzo0NDM.&hl=it&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=vu3mpzq0kqvn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 21:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 212402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6963
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Feb 2025 21:46:06 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3D77 102 B
135 B 35ms
34ms Other
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=it&v=vj7hFxe2iNgbe-u95xTozOXW

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ed7550530fd434f0a7a5651dc324715c8a108a4beac5a5f58b4b8cd377511e41

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9raWRzZm9ya2lkc255Yy5yYWxseWJvdW5kLm9yZzo0NDM.&hl=it&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=vu3mpzq0kqvn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 01 Mar 2024 08:46:08 GMT

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.it.UzIYYHe7MaI.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame A51F 159 KB
56 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.it.UzIYYHe7MaI.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgMrATm_JpqVXidPaWB0cS3MUxP1A/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e8be2b429f2ec59a1098f59df07c4572a35cc63dd85127d684127e04fa565ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 19:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57695
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 08:05:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Feb 2025 19:03:14 GMT

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.it.UzIYYHe7MaI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame A51F 75 KB
27 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.it.UzIYYHe7MaI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjUwysJycGuXBESKQaHd1I_tWtUGA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.it.UzIYYHe7MaI.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgMrATm_JpqVXidPaWB0cS3MUxP1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cc6b657ccde14a2122774ff293244c9e88eb49c8471b89726d1dc72583490df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27673
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 02:22:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Feb 2025 21:59:47 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame A51F 1 MB
376 KB 90ms
90ms XHR
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eea94a4695a654e5f1311ff3d2c41a311ef3f25eea84f5988cb8f049d303b83f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-_PBKEYnRbEissHHhhhOVfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:08 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-_PBKEYnRbEissHHhhhOVfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjKtDikmII1JBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEG_38WAR85nOyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_FwXFjdtp5NYMOiDTOZAQl-MSw"
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 01 Mar 2024 08:46:08 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.it.UzIYYHe7MaI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame A51F 10 KB
4 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.it.UzIYYHe7MaI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjUwysJycGuXBESKQaHd1I_tWtUGA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9396d9ebcca3714c366bc70bc39a18a277f03a0d295b42305759a8221b8ba634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4168
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 02:22:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Feb 2025 21:59:48 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.it.UzIYYHe7MaI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame A51F 37 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.it.UzIYYHe7MaI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjUwysJycGuXBESKQaHd1I_tWtUGA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

300758bf6b715bdafddf05cd537f9106b68d7539d47d8225f3dcc81b45cd3e88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14351
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 02:22:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Feb 2025 21:59:48 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 121ms
59ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 01 Mar 2024 08:46:08 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame A51F 131 B
155 B 141ms
90ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Mar 2024 08:46:09 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 122ms
62ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 01 Mar 2024 08:46:08 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame A51F 131 B
155 B 141ms
94ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Mar 2024 08:46:09 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 120ms
61ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 01 Mar 2024 08:46:08 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame A51F 131 B
155 B 141ms
93ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Mar 2024 08:46:09 GMT

POST
H3 200 log Show response
play.google.com/ Frame A51F 131 B
155 B 196ms
152ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Mar 2024 08:46:09 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 122ms
64ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 01 Mar 2024 08:46:08 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame A51F 131 B
155 B 134ms
91ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Mar 2024 08:46:09 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 123ms
65ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 01 Mar 2024 08:46:08 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame A51F 131 B
155 B 139ms
92ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Mar 2024 08:46:09 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 121ms
63ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 01 Mar 2024 08:46:08 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ Frame 579A 120 KB
45 KB 48ms
48ms Script
text/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 19f79b5c8e190cb3ec9005a46a8c8f27d005399d4ada47916853e88290085e32

Request headers

Referer: https://payments.rallybound.com/
Origin: https://payments.rallybound.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:08 GMT
content-encoding: br
x-azure-ref-originshield: 0vJLhZQAAAABrGoy0jeckSIzl8VDC8PkrRlJBMjMxMDUwNDE3MDE3AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5: 2+CVLpI/+n4/WqDrTExBWA==
x-cache: TCP_HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.17.min.js
last-modified: Wed, 14 Feb 2024 19:25:27 GMT
x-ms-meta-aijssdkver: 2.8.17
etag: 0x8DC2D92B347C0C9
x-azure-ref: 00JXhZQAAAAALuNdNw4wGSqmQWH0UcWdYTVJTMjExMDUwNjE3MDUxAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 85e8bcc1-201e-0030-49b3-6bb99a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19

GET
H2 200 CardNumber Show response
payments.rallybound.com/iframe/ Frame 2CE9 11 KB
5 KB 119ms
119ms Document
text/html 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

890ca7203daf9162ca058c277dc55dc59109da77386acaed2e156f861732c1b5

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

Referer: https://kidsforkidsnyc.rallybound.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type: text/html; charset=utf-8
date: Fri, 01 Mar 2024 08:46:09 GMT
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport

GET
H2 200 CardMonth Show response
payments.rallybound.com/iframe/ Frame 8366 10 KB
5 KB 161ms
160ms Document
text/html 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

200c7964c25a7811e2942573bc5c90c6a93da0ab95b790790c38dff9cba7d45e

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

Referer: https://kidsforkidsnyc.rallybound.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type: text/html; charset=utf-8
date: Fri, 01 Mar 2024 08:46:09 GMT
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport

GET
H2 200 CardYear Show response
payments.rallybound.com/iframe/ Frame 5312 9 KB
5 KB 158ms
158ms Document
text/html 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9a45dfb50d04a2cffaee499cdef9b06ae23c1467c8a57482736e10756e523879

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

Referer: https://kidsforkidsnyc.rallybound.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type: text/html; charset=utf-8
date: Fri, 01 Mar 2024 08:46:09 GMT
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport

GET
H2 200 CardCvv Show response
payments.rallybound.com/iframe/ Frame E243 9 KB
4 KB 122ms
121ms Document
text/html 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

106e2727527ec7c1c7834907d470c232fb704faea2a15be029bd0718b9efd113

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

Referer: https://kidsforkidsnyc.rallybound.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type: text/html; charset=utf-8
date: Fri, 01 Mar 2024 08:46:09 GMT
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 3D77 13 KB
10 KB 84ms
83ms XHR
application/json 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__it.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3c8b536f707a2339d37000bd97a8836c0af49d26c5a54e82793161b03ee06061

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9raWRzZm9ya2lkc255Yy5yYWxseWJvdW5kLm9yZzo0NDM.&hl=it&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=vu3mpzq0kqvn
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 01 Mar 2024 08:46:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2CE9 3 KB
444 B 40ms
36ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 07:37:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Mar 2024 08:46:09 GMT

GET
H2 200 main.css
payments.rallybound.com/css/ Frame 2CE9 4 KB
2 KB 121ms
117ms Stylesheet
text/css 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 30 Jan 2024 23:32:52 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1da53d4a4913b1c"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 3b.min.js Show response
payments.rallybound.com/min/ Frame 2CE9 107 KB
47 KB 129ms
125ms Script
text/javascript 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/min/3b.min.js?v=hY2cEKciDRLA1QVw2r-wcj1OLMqjzMKZpKcRg07_6EM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

858d9c10a7220d12c0d50570dabfb0723d4e2ccaa3ccc299a4a711834effe843

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 30 Jan 2024 23:33:46 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1da53d4c4c142be"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H3 200 css
fonts.googleapis.com/ Frame E243 3 KB
444 B 37ms
37ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 07:33:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Mar 2024 08:46:09 GMT

GET
H2 200 main.css
payments.rallybound.com/css/ Frame E243 4 KB
2 KB 120ms
120ms Stylesheet
text/css 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 30 Jan 2024 23:32:52 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1da53d4a4913b1c"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 3b.min.js Show response
payments.rallybound.com/min/ Frame E243 107 KB
47 KB 123ms
123ms Script
text/javascript 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/min/3b.min.js?v=hY2cEKciDRLA1QVw2r-wcj1OLMqjzMKZpKcRg07_6EM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

858d9c10a7220d12c0d50570dabfb0723d4e2ccaa3ccc299a4a711834effe843

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 30 Jan 2024 23:33:46 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1da53d4c4c142be"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ Frame 579A 49 B
108 B 223ms
221ms XHR
application/json 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://payments.rallybound.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 08:46:09 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-length: 49
content-type: application/json; charset=utf-8

OPTIONS
H2 204 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 699ms
223ms Preflight 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments.rallybound.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Fri, 01 Mar 2024 08:46:09 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

GET
H3 200 css
fonts.googleapis.com/ Frame 5312 3 KB
444 B 33ms
33ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 07:42:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Mar 2024 08:46:09 GMT

GET
H2 200 main.css
payments.rallybound.com/css/ Frame 5312 4 KB
2 KB 198ms
197ms Stylesheet
text/css 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 30 Jan 2024 23:32:52 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1da53d4a4913b1c"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 3b.min.js Show response
payments.rallybound.com/min/ Frame 5312 107 KB
47 KB 199ms
198ms Script
text/javascript 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/min/3b.min.js?v=hY2cEKciDRLA1QVw2r-wcj1OLMqjzMKZpKcRg07_6EM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

858d9c10a7220d12c0d50570dabfb0723d4e2ccaa3ccc299a4a711834effe843

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 30 Jan 2024 23:33:46 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1da53d4c4c142be"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H3 200 css
fonts.googleapis.com/ Frame 8366 3 KB
444 B 39ms
34ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 07:35:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Mar 2024 08:46:09 GMT

GET
H2 200 main.css
payments.rallybound.com/css/ Frame 8366 4 KB
2 KB 200ms
193ms Stylesheet
text/css 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 30 Jan 2024 23:32:52 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1da53d4a4913b1c"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 3b.min.js Show response
payments.rallybound.com/min/ Frame 8366 107 KB
47 KB 200ms
193ms Script
text/javascript 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/min/3b.min.js?v=hY2cEKciDRLA1QVw2r-wcj1OLMqjzMKZpKcRg07_6EM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

858d9c10a7220d12c0d50570dabfb0723d4e2ccaa3ccc299a4a711834effe843

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 30 Jan 2024 23:33:46 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1da53d4c4c142be"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ 2 KB
2 KB 25ms
25ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/css/27813.standalone-override.646DFD3B109840E924995A79E835C5E3.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn3.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:49:56 GMT
x-content-type-options: nosniff
age: 258973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 05 Mar 2024 08:49:56 GMT

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ Frame E243 120 KB
45 KB 48ms
47ms Script
text/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 19f79b5c8e190cb3ec9005a46a8c8f27d005399d4ada47916853e88290085e32

Request headers

Referer: https://payments.rallybound.com/
Origin: https://payments.rallybound.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:08 GMT
content-encoding: br
x-azure-ref-originshield: 0vJLhZQAAAABrGoy0jeckSIzl8VDC8PkrRlJBMjMxMDUwNDE3MDE3AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5: 2+CVLpI/+n4/WqDrTExBWA==
x-cache: TCP_HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.17.min.js
last-modified: Wed, 14 Feb 2024 19:25:27 GMT
x-ms-meta-aijssdkver: 2.8.17
etag: 0x8DC2D92B347C0C9
x-azure-ref: 00ZXhZQAAAABDxOM3WmQ1TqVc1t8HLLHoTVJTMjExMDUwNjE3MDUxAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 85e8bcc1-201e-0030-49b3-6bb99a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame E243 23 KB
23 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payments.rallybound.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:08:18 GMT
x-content-type-options: nosniff
age: 304671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Feb 2025 20:08:18 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame E243 23 KB
23 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payments.rallybound.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:09:28 GMT
x-content-type-options: nosniff
age: 257801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:09:28 GMT

GET
H2 200 card.svg
payments.rallybound.com/img/payment-icons-master/ Frame 2CE9 604 B
965 B 119ms
117ms Image
image/svg+xml 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payments.rallybound.com/img/payment-icons-master/card.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

da6299bb24777fe5d85158300b55a0c55374f6653b8ad396e57d3a64d2483dc5

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
last-modified: Tue, 30 Jan 2024 23:32:52 GMT
etag: "1da53d4a491285c"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 604
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ Frame 2CE9 120 KB
45 KB 52ms
50ms Script
text/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 19f79b5c8e190cb3ec9005a46a8c8f27d005399d4ada47916853e88290085e32

Request headers

Referer: https://payments.rallybound.com/
Origin: https://payments.rallybound.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:08 GMT
content-encoding: br
x-azure-ref-originshield: 0vJLhZQAAAABrGoy0jeckSIzl8VDC8PkrRlJBMjMxMDUwNDE3MDE3AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5: 2+CVLpI/+n4/WqDrTExBWA==
x-cache: TCP_HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.17.min.js
last-modified: Wed, 14 Feb 2024 19:25:27 GMT
x-ms-meta-aijssdkver: 2.8.17
etag: 0x8DC2D92B347C0C9
x-azure-ref: 00ZXhZQAAAAD1VX7O5CRHS6dribauQEElTVJTMjExMDUwNjE3MDUxAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 85e8bcc1-201e-0030-49b3-6bb99a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 2CE9 23 KB
23 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payments.rallybound.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:08:18 GMT
x-content-type-options: nosniff
age: 304671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Feb 2025 20:08:18 GMT

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 2CE9 23 KB
23 KB 30ms
29ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payments.rallybound.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:09:28 GMT
x-content-type-options: nosniff
age: 257801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:09:28 GMT

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ Frame 5312 120 KB
45 KB 51ms
51ms Script
text/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 19f79b5c8e190cb3ec9005a46a8c8f27d005399d4ada47916853e88290085e32

Request headers

Referer: https://payments.rallybound.com/
Origin: https://payments.rallybound.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:08 GMT
content-encoding: br
x-azure-ref-originshield: 0vJLhZQAAAABrGoy0jeckSIzl8VDC8PkrRlJBMjMxMDUwNDE3MDE3AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5: 2+CVLpI/+n4/WqDrTExBWA==
x-cache: TCP_HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.17.min.js
last-modified: Wed, 14 Feb 2024 19:25:27 GMT
x-ms-meta-aijssdkver: 2.8.17
etag: 0x8DC2D92B347C0C9
x-azure-ref: 00ZXhZQAAAACMxlF4IWxDTqmRhFMv5K12TVJTMjExMDUwNjE3MDUxAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 85e8bcc1-201e-0030-49b3-6bb99a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19

GET
H2 200 blackSelMod-w.png
payments.rallybound.com/img/ Frame 5312 1023 B
1 KB 118ms
118ms Image
image/png 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payments.rallybound.com/img/blackSelMod-w.png

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8d645ed2e72da8bbed4824b0adc7214794f7c29fac2ede1728b56ae54eea61d3

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
last-modified: Tue, 30 Jan 2024 23:32:52 GMT
etag: "1da53d4a49129ff"
content-type: image/png
accept-ranges: bytes
content-length: 1023
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 5312 23 KB
23 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payments.rallybound.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:08:18 GMT
x-content-type-options: nosniff
age: 304671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Feb 2025 20:08:18 GMT

GET
H2 200 blackSelMod-w.png
payments.rallybound.com/img/ Frame 8366 1023 B
1 KB 115ms
115ms Image
image/png 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payments.rallybound.com/img/blackSelMod-w.png

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8d645ed2e72da8bbed4824b0adc7214794f7c29fac2ede1728b56ae54eea61d3

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:09 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
last-modified: Tue, 30 Jan 2024 23:32:52 GMT
etag: "1da53d4a49129ff"
content-type: image/png
accept-ranges: bytes
content-length: 1023
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 8366 23 KB
23 KB 51ms
51ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payments.rallybound.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:08:18 GMT
x-content-type-options: nosniff
age: 304671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Feb 2025 20:08:18 GMT

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ Frame 8366 120 KB
45 KB 52ms
52ms Script
text/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Fkidsforkidsnyc.rallybound.org&rb-pageSource=newForm1748424836&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 19f79b5c8e190cb3ec9005a46a8c8f27d005399d4ada47916853e88290085e32

Request headers

Referer: https://payments.rallybound.com/
Origin: https://payments.rallybound.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 08:46:08 GMT
content-encoding: br
x-azure-ref-originshield: 0vJLhZQAAAABrGoy0jeckSIzl8VDC8PkrRlJBMjMxMDUwNDE3MDE3AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5: 2+CVLpI/+n4/WqDrTExBWA==
x-cache: TCP_HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.17.min.js
last-modified: Wed, 14 Feb 2024 19:25:27 GMT
x-ms-meta-aijssdkver: 2.8.17
etag: 0x8DC2D92B347C0C9
x-azure-ref: 00ZXhZQAAAAC1cNbbQlbWTblqIYMeeNS6TVJTMjExMDUwNjE3MDUxAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 85e8bcc1-201e-0030-49b3-6bb99a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ Frame E243 49 B
108 B 276ms
276ms XHR
application/json 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://payments.rallybound.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 08:46:09 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-length: 49
content-type: application/json; charset=utf-8

OPTIONS
H2 204 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 413ms
225ms Preflight 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments.rallybound.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Fri, 01 Mar 2024 08:46:09 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

OPTIONS
H2 204 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 314ms
223ms Preflight 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments.rallybound.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Fri, 01 Mar 2024 08:46:09 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ Frame 2CE9 49 B
157 B 115ms
114ms XHR
application/json 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://payments.rallybound.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 08:46:09 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-length: 49
content-type: application/json; charset=utf-8

OPTIONS
H2 204 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 313ms
224ms Preflight 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments.rallybound.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Fri, 01 Mar 2024 08:46:09 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ Frame 5312 49 B
108 B 224ms
223ms XHR
application/json 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://payments.rallybound.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 08:46:09 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-length: 49
content-type: application/json; charset=utf-8

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ Frame 8366 49 B
108 B 275ms
274ms XHR
application/json 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

513fa9efcd57db663d3a04059d0e6758f2c0b42d54082c3353a8340cdb41effa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://payments.rallybound.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 08:46:09 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-length: 49
content-type: application/json; charset=utf-8

OPTIONS
H2 204 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 276ms
224ms Preflight 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments.rallybound.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Fri, 01 Mar 2024 08:46:09 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ 49 B
108 B 272ms
272ms XHR
application/json 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

513fa9efcd57db663d3a04059d0e6758f2c0b42d54082c3353a8340cdb41effa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://kidsforkidsnyc.rallybound.org/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 08:46:09 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-length: 49
content-type: application/json; charset=utf-8

OPTIONS
H2 204 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 263ms
224ms Preflight 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://kidsforkidsnyc.rallybound.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Fri, 01 Mar 2024 08:46:09 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

Verdicts & Comments Add Verdict or Comment

486 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser	1969-12-31 23:59:59	Name: .rbsession4 Value: 4yju20mpp0krww5roedtaroa
www.google.com/recaptcha	1970-01-20 23:07:14	Name: _GRECAPTCHA Value: 09ANXPebAVedHhDnzo_5BO74c3P6n6A60Fiyyu5VkHBFD4vOO4iPtXJcB3ZmoGv4x3vzxJ1fgIb2r-G3rsijtNcYk
.kidsforkidsnyc.rallybound.org/	1970-01-21 04:24:02	Name: _ga_KYX847QR49 Value: GS1.3.1709282767.1.0.1709282767.0.0.0
.kidsforkidsnyc.rallybound.org/	1970-01-21 04:24:02	Name: _ga Value: GA1.3.2083932699.1709282767
.rallybound.org/	1970-01-21 04:24:02	Name: _ga_Q6PP8PXZS6 Value: GS1.1.1709282768.1.0.1709282768.0.0.0
.rallybound.org/	1970-01-21 04:24:02	Name: _ga Value: GA1.1.2083932699.1709282767
kidsforkidsnyc.rallybound.org/	1970-01-21 03:33:38	Name: ai_user Value: NlmRcvF/tGZG5JN9jDRq97\|2024-03-01T08:46:08.443Z
kidsforkidsnyc.rallybound.org/	1970-01-20 18:48:04	Name: ai_session Value: gFCYq8LfOIgrB6c/Zei7NM\|1709282768445\|1709282768445
.payments.rallybound.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 63ae01adc1720f146d82826b76b39fb46674c2971e831aa8669532b94b116d5c
payments.rallybound.com/	1970-01-21 03:33:38	Name: ai_user Value: lsVQSdc92MKyD7nQXL9bLW\|2024-03-01T08:46:08.992Z
.google.com/	1970-01-20 23:11:33	Name: NID Value: 512=E0nHWUpENzz1h89wz-eeKLOhuJ9xR03U-_Bkq5QrJpIHBJP5gJDYZ_pAiW4773w7h933-KW78baEBsoIUd3BAgF585YIZHhNZM-1jQmpRejBg8aF6GjMPLIzbcoJrhpfDEWcn_ReqoQInYi-uYw5P0nfBhQ_-v3EfBOyqvrLVcM
payments.rallybound.com/	1970-01-20 18:48:04	Name: ai_session Value: K+Cqe3iLDVHPOeplQO+74B\|1709282769097\|1709282769522

77 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn3.rallybound.com/Content/js/v2-main-top-w-standalone.E6A7081106C94CBC4C6E2EA19FA7633D.min.js(Line 5) Message: Allow attribute will take precedence over 'allowpaymentrequest'.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kidsforkidsnyc.rallybound.org/2024-dance-with-me-dance-center-fundraiser/Donate Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' admin.rallybound.com kidsforkidsnyc.org *.kidsforkidsnyc.org; report-uri https://rest.rallybound.com/api/cspreport;
Strict-Transport-Security	max-age=15552000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn3.rallybound.com
code.jquery.com
connect.facebook.net
eastus-0.in.applicationinsights.azure.com
fonts.googleapis.com
fonts.gstatic.com
graph.facebook.com
js.monitor.azure.com
kidsforkidsnyc.rallybound.org
pay.google.com
payments.rallybound.com
play.google.com
r20.rs6.net
region1.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
2001:4860:4802:34::36
208.75.122.11
2600:9000:2156:e000:d:7e10:cb00:93a1
2620:1ec:bdf::45
2a00:1450:4001:802::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::200e
2a00:1450:4001:830::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c02::5c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f083:10e:face:b00c:0:2
2a04:4e42::649
52.151.222.61
52.188.24.159
52.188.247.144
0201106038df301456922c2a5367249f9a0904ac57ff35f20641a2fe3ddc325c
04b81374dbcdc6845ca69a458382cb679b4061790f809458231ccb459bd54dfa
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0941f8d51e37c1725a61d6ca1af2815f1b51c6f146b1761a7dfdcfd59135f5dc
0947330ad485c59aa70662f393c83b03f7d8edf925b7997c71a4b1ac91c0d468
106e2727527ec7c1c7834907d470c232fb704faea2a15be029bd0718b9efd113
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
19f79b5c8e190cb3ec9005a46a8c8f27d005399d4ada47916853e88290085e32
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d49e1c68b308e43911ba41286fc004da66cfde547c62e221033dc6219da4c5d
1eb0b1ccf7a1cccbfeaed9736793fbebbe23f45e9ba1fa679ad76a70ac267817
200c7964c25a7811e2942573bc5c90c6a93da0ab95b790790c38dff9cba7d45e
2860fbdeeb3510d9654a22edeac988a71874f9a195152b49ea9c49c4763f5f08
2e4d44cc46de0bcee07a24dc58945986cbe103e7ef7a66f500fedbd4657a8261
2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19
2f3146e65c7bfbd4093c2450eed21d3ab3ce24095b5077b4ff506b00112acf53
300758bf6b715bdafddf05cd537f9106b68d7539d47d8225f3dcc81b45cd3e88
363a77ca19acf57b28571828302a92c6e42fa606d4996b76f2f440b13c56e1bb
3abb062bf7d12bf56c5c136ea9c9d640ccc11f7a113e8c3091c18e9953493a7a
3c8b536f707a2339d37000bd97a8836c0af49d26c5a54e82793161b03ee06061
3ca46d2214740c90ad8aa9ef46da9aa01d8fce56f192a40706d0ac89b0e14480
4122ec76cfe36f6e64359e81f16dc9902781dae082df0f497232692792485ad8
4958084560bea97f98754b33b4f2ea63eca92d04280d9b0586b38e16c7723d12
4e8be2b429f2ec59a1098f59df07c4572a35cc63dd85127d684127e04fa565ae
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
513fa9efcd57db663d3a04059d0e6758f2c0b42d54082c3353a8340cdb41effa
5cc6b657ccde14a2122774ff293244c9e88eb49c8471b89726d1dc72583490df
6146f430d55b3e54b8ad3711de19a7a881bb2bed68d87041f58595d2da73ecce
6400897cd5da53a23bea537adad28096be10f73d24e8caf0b7d469555db4d525
72d9830a52597d534ae8f47eabb35eef20d343180a2e06417b7aa9784fc8e40c
767ede4ae50d636fb229ebc63fed6a93e12067c52434a37f55c3eb93caea4421
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7cdee22c53155d11e84b813cfdb7e937bea8d7fb8af904aa67266b2b418fc9bc
7d8e11e60d4bea1be893967121726137eeca9ad95bfab62cfecf8e2fe20093c7
80f33eedf939e9024713705b0cb1ca111157591373faa0ef2ff5e8b6cd775277
858d9c10a7220d12c0d50570dabfb0723d4e2ccaa3ccc299a4a711834effe843
85926acd66622d5a7ead093a3910facfe721a772b5f855b22c25e639e90ede05
890ca7203daf9162ca058c277dc55dc59109da77386acaed2e156f861732c1b5
896d24ea2efe83dd401c148f058d33b39d930844dc962e160924cb20602283a3
89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321
8a4116a40a9e8b9bf9eaf4b5af1dcc722ad6e5643eaccb7b545baf3bb82c7dd2
8d645ed2e72da8bbed4824b0adc7214794f7c29fac2ede1728b56ae54eea61d3
8e78975558e2e47f28e6633039141c6c1295fa0fceb4e709fc3c68de875e0bd4
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9396d9ebcca3714c366bc70bc39a18a277f03a0d295b42305759a8221b8ba634
95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012
9a45dfb50d04a2cffaee499cdef9b06ae23c1467c8a57482736e10756e523879
9db0d214e302091d8f91eeb2c8ce00c7e718941b3f9600a2b847104898f3c672
9db93d306ed7a1c0b7c1657f0c98a374501ef4d520e5bda71724bcdb952b17ea
a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958
ad4269a4b821427897a9544eaa3a79d43ac5e29a26e3bffb26a403e160d9648c
b066943ca33dc07620e244fa4b57994c23f9ae130634a8237ae913e0cf3735f1
bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d16798afce9f21e80df5f3ff8a10b4583f07f89ff40b0a7aa8ab84893830c192
d8fe5effa3de4e73408fd03c8fd4bbdfa973798ee2a8d2f68159c90bcbdb8db1
da0a995fc1e75f0a2805b0d7b0685047c2adfaaf196af6fd12aa89512fad57ef
da6299bb24777fe5d85158300b55a0c55374f6653b8ad396e57d3a64d2483dc5
dc816420871def2a073fc576b23e023032e07bb1b800e9246280cc73bd2e7908
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98d83a980cf0254bc5414ba21000bc3f0ad82260054125cd887ad51b6a10489
ed7550530fd434f0a7a5651dc324715c8a108a4beac5a5f58b4b8cd377511e41
eea94a4695a654e5f1311ff3d2c41a311ef3f25eea84f5988cb8f049d303b83f
ef6d8c216bbf4cc66241abb798069aac7b42936a5deab4d8c39a0db07e3047f8
f697abfe44d3f76eafaad4c72104effb51d7d3e8108876f989bf4aeb973d1389
fc2e5798ba2f836daefe1fa3dbcabc1a80a7f918495b8cbbdd10fc5fb7f6b2d6

kidsforkidsnyc.rallybound.org Open in urlscan Pro 52.188.24.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

113 Requests

100 %HTTPS

78 %IPv6

12 Domains

18 Subdomains

17 IPs

3 Countries

3817 kBTransfer

7157 kBSize

12 Cookies

4 Outgoing links

Page URL History

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kidsforkidsnyc.rallybound.org Open in urlscan Pro
52.188.24.159 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

100 %
HTTPS

78 %
IPv6

12
Domains

18
Subdomains

17
IPs

3
Countries

3817 kB
Transfer

7157 kB
Size

12
Cookies

113 HTTP transactions
0 data transactions