give.cff.org Open in urlscan Pro
52.188.24.159 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.e2ma.net/click/x82nicb/hkxev8b/lzn4tnp
Effective URL:
https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Submission Tags: falconsandbox
Submission: On November 01 via api (November 1st 2023, 3:25:18 pm UTC) from US — Scanned from DE

Summary HTTP 84 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 84 HTTP transactions. The main IP is 52.188.24.159, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is give.cff.org.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 11th 2023. Valid for: a year.

This is the only time give.cff.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.193.192.127 34.193.192.127	14618 (AMAZON-AES) (AMAZON-AES)
6	52.188.24.159 52.188.24.159	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
15	2600:9000:262... 2600:9000:262b:f200:d:7e10:cb00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
18	52.151.222.61 52.151.222.61	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
12	52.188.247.144 52.188.247.144	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
84	13

1 34.193.192.127 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-192-127.compute-1.amazonaws.com

t.e2ma.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.188.24.159 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

give.cff.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:262b:f200:d:7e10:cb00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn3.rallybound.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.151.222.61 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

payments.rallybound.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.188.247.144 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eastus-0.in.applicationinsights.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	rallybound.com cdn3.rallybound.com — Cisco Umbrella Rank: 388089 payments.rallybound.com	2 MB
18	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 1535 eastus-0.in.applicationinsights.azure.com — Cisco Umbrella Rank: 67627	339 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	605 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com — Cisco Umbrella Rank: 364	201 KB
6	cff.org give.cff.org	218 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	53 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	252 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	8 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	80 KB
1	e2ma.net 1 redirects t.e2ma.net — Cisco Umbrella Rank: 21870	455 B
84	10

	Domain	Requested by
18	payments.rallybound.com	cdn3.rallybound.com payments.rallybound.com
15	cdn3.rallybound.com	give.cff.org cdn3.rallybound.com
12	eastus-0.in.applicationinsights.azure.com	js.monitor.azure.com
9	fonts.gstatic.com	fonts.googleapis.com
6	js.monitor.azure.com	give.cff.org payments.rallybound.com
6	fonts.googleapis.com	give.cff.org payments.rallybound.com
6	give.cff.org	give.cff.org cdn3.rallybound.com
4	www.gstatic.com	www.google.com cdn3.rallybound.com
4	www.google.com	give.cff.org www.gstatic.com www.google.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	give.cff.org
1	code.jquery.com	give.cff.org
1	www.googletagmanager.com	give.cff.org
1	t.e2ma.net	1 redirects
84	14

This site contains links to these domains. Also see Links.

Domain
www.cff.org
policies.google.com
neonone.com

Subject Issuer	Validity	Valid
give.cff.org DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-11` - `2024-05-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.rallybound.com Go Daddy Secure Certificate Authority - G2	`2023-04-18` - `2024-05-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
js.monitor.azure.com Microsoft Azure RSA TLS Issuing CA 07	`2023-09-20` - `2024-09-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 03	`2023-09-17` - `2024-09-11`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Frame ID: 97A469976891EF4BD563FD411255A7DB
Requests: 34 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3
Frame ID: FB64CC4DE163AB3FFA17164FBF315FB2
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9naXZlLmNmZi5vcmc6NDQz&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=qpevf1ynb7nn
Frame ID: 8D7B78420BCA15710D6283308BDF6905
Requests: 5 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1
Frame ID: 85C6B277AAA0BD8AAF629762196D9D09
Requests: 9 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12
Frame ID: 07B17CC7E6EED6872AC96079B559CE44
Requests: 8 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10
Frame ID: 1D29EF2A6D48358145561264F2E419D9
Requests: 8 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20
Frame ID: 462C7055C5A4C070601BC1D3FED9B523
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate - Cystic Fibrosis Foundation

Page URL History Show full URLs

https://t.e2ma.net/click/x82nicb/hkxev8b/lzn4tnp HTTP 302
https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

84
Requests

100 %
HTTPS

71 %
IPv6

10
Domains

14
Subdomains

13
IPs

2
Countries

3313 kB
Transfer

4837 kB
Size

12
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cff.org/privacy-statement
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.cff.org/about-us/attendance-policy-cf-foundation-events
Title: Attendance Policy

Search URL Search Domain Scan URL

URL: https://www.cff.org/about-us/annual-reports-and-financials
Title: https://www.cff.org/about-us/annual-reports-and-financials

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms

Search URL Search Domain Scan URL

URL: https://neonone.com/products/neon-fundraise/

Search URL Search Domain Scan URL

URL: https://neonone.com/privacypolicy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.e2ma.net/click/x82nicb/hkxev8b/lzn4tnp HTTP 302
https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

84 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Donate Show response
give.cff.org/lt/
Redirect Chain

https://t.e2ma.net/click/x82nicb/hkxev8b/lzn4tnp
https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100

140 KB
141 KB

484ms
145ms

Document
text/html

52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.188.24.159 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0653a1690f3c2556620f4199ce477ff12183e713edb38a925842966c71977c7f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' admin.rallybound.com cff.org *.cff.org; report-uri https://rest.rallybound.com/api/cspreport;
Strict-Transport-Security	max-age=15552000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: Request-Context
cache-control: no-cache, no-store
content-length: 143797
content-security-policy: frame-ancestors 'self' admin.rallybound.com cff.org *.cff.org; report-uri https://rest.rallybound.com/api/cspreport;
content-type: text/html; charset=utf-8
date: Wed, 01 Nov 2023 15:25:13 GMT
expires: -1
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=15552000;

Redirect headers

content-type: text/plain
date: Wed, 01 Nov 2023 15:25:12 GMT
location: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
server: Apache
x-robots-tag: noindex, nofollow

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
80 KB 87ms
38ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KYX847QR49&l=analyticsDataLayer

Requested by

Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63f6def9094bb09a31716f21c2b94470efe425fba4f78803220efc3d84817d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81430
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Nov 2023 15:25:13 GMT

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.11.2/themes/smoothness/ 34 KB
8 KB 79ms
20ms Stylesheet
text/css 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.2/themes/smoothness/jquery-ui.css
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4050107
x-cache: HIT, HIT
content-length: 8056
x-served-by: cache-lga21964-LGA, cache-fra-etou8220021-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1698852313.395788,VS0,VE0
etag: W/"28feccc0-898c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 4001, 146

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
867 B 85ms
29ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Requested by

Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01ceac19d4db649328dab8cb759c7bcba6e3ca9f3605723bc0fdd80c1c4d2c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 15:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 15:22:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 15:25:13 GMT

GET
H2 200 alldash-fonts.css
give.cff.org/Content/Global/css/ 5 KB
1 KB 345ms
344ms Stylesheet
text/css 52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://give.cff.org/Content/Global/css/alldash-fonts.css
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.188.24.159 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fc2e5798ba2f836daefe1fa3dbcabc1a80a7f918495b8cbbdd10fc5fb7f6b2d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:13 GMT
content-encoding: gzip
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
etag: "0f6f0fae04d71:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 1125
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 21351.standalone-override.162131E658E41A48F88E347B42B1E94A.min.css
cdn3.rallybound.com/Content/css/ 414 KB
415 KB 237ms
99ms Stylesheet
text/css 2600:9000:262b:f200:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/css/21351.standalone-override.162131E658E41A48F88E347B42B1E94A.min.css
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:262b:f200:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bdd662a2ac39ba9452143e6f7769c1f279c663227d78c599dcb81b2d0365e92f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:09:44 GMT
via: 1.1 dbc7e30405074db3df74774e77df3fde.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 16:04:56 GMT
x-amz-cf-pop: CDG52-P5
age: 2146528
etag: "ecd6f317edbbd91:0"
x-cache: Hit from cloudfront
content-type: text/css
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 423723
x-amz-cf-id: SIxpvVWKUL4gyNYj5LmU5G3Q_vhhDzF-Fsgstn_PCJAFyo5RS2A45Q==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js Show response
cdn3.rallybound.com/Content/js/ 122 KB
122 KB 177ms
39ms Script
application/javascript 2600:9000:262b:f200:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:262b:f200:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4122ec76cfe36f6e64359e81f16dc9902781dae082df0f497232692792485ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 05:17:08 GMT
via: 1.1 dbc7e30405074db3df74774e77df3fde.cloudfront.net (CloudFront)
last-modified: Wed, 20 Sep 2023 04:17:20 GMT
x-amz-cf-pop: CDG52-P5
age: 3665285
etag: "82de6f5979ebd91:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 124532
x-amz-cf-id: CGXNRC5YiKZ4p1Vb0wmSNPZT8IzfP_0XtbBET4wOm6osv9r4XyTUJA==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/ 197 KB
198 KB 74ms
20ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/jquery-ui.min.js

Requested by

Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72d9830a52597d534ae8f47eabb35eef20d343180a2e06417b7aa9784fc8e40c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:25:00 GMT
x-content-type-options: nosniff
age: 468013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201875
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 05:25:00 GMT

GET
H2 200 terms.1929C73F86CF2364A42364E4B51A57F3.min.js Show response
cdn3.rallybound.com/Content/js/ 174 KB
175 KB 171ms
33ms Script
application/javascript 2600:9000:262b:f200:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/js/terms.1929C73F86CF2364A42364E4B51A57F3.min.js
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:262b:f200:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 204e13bfd3004a5cdfc5bec849234b70da8b74fe9c4b8e0b4dcb77d40653f0dc

Request headers

Referer: https://give.cff.org/
Origin: https://give.cff.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:27:58 GMT
via: 1.1 5a9550d4545f6d824ddf769a7aa0f164.cloudfront.net (CloudFront)
last-modified: Thu, 12 Oct 2023 04:22:39 GMT
x-amz-cf-pop: CDG52-P5
age: 1767434
etag: "af5d2dbcc3fcd91:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 178486
x-amz-cf-id: Hi3_OcCt7fqxVRtrVtbkRkuHwSQODLAw14yBytO-Lzeqhey_HDcFGw==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 mobile-detect.js Show response
cdn3.rallybound.com/Content/Global/js/ 73 KB
73 KB 176ms
38ms Script
application/javascript 2600:9000:262b:f200:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/Global/js/mobile-detect.js
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:262b:f200:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 85926acd66622d5a7ead093a3910facfe721a772b5f855b22c25e639e90ede05

Request headers

Referer: https://give.cff.org/
Origin: https://give.cff.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:57:20 GMT
via: 1.1 5a9550d4545f6d824ddf769a7aa0f164.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 03:57:17 GMT
x-amz-cf-pop: CDG52-P5
age: 4156072
etag: "56d595fbe04d71:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 74643
x-amz-cf-id: C8MNAfNRAnlQ93tVHF--7quONC1HOLXqDeKButWKn6x-Zgv4aGTWXA==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 main-top-w-standalone.DD23FFDBB4503265FB00696FA6939A4C.min.js Show response
cdn3.rallybound.com/Content/js/ 274 KB
275 KB 141ms
119ms Script
application/javascript 2600:9000:262b:f200:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/js/main-top-w-standalone.DD23FFDBB4503265FB00696FA6939A4C.min.js
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:262b:f200:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 119e52a813937de0e484171a541a11e87f6d241aa9f7cbc1075d85db417f94b4

Request headers

Referer: https://give.cff.org/
Origin: https://give.cff.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 17:34:11 GMT
via: 1.1 5a9550d4545f6d824ddf769a7aa0f164.cloudfront.net (CloudFront)
last-modified: Wed, 13 Sep 2023 04:28:18 GMT
x-amz-cf-pop: CDG52-P5
age: 3880262
etag: "4d88b2b8fae5d91:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 280773
x-amz-cf-id: YlnIw8iwRrdFL1P-KTe69nXDK-sPC-jQOFEoVQYnQl6TdX52OyFpmQ==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 89ms
36ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&onload=renderAllCaptchas

Requested by

Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f59db7776a7adccf8fb4a7c9cd612008f56a5ecc31a87c2f968f556dd0fc6b29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 01 Nov 2023 15:25:13 GMT

GET
H2 200 donation-reminder.4F61306811B9494558F4A6F06C674EFC.min.js Show response
cdn3.rallybound.com/Content/js/ 48 KB
49 KB 56ms
34ms Script
application/javascript 2600:9000:262b:f200:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/js/donation-reminder.4F61306811B9494558F4A6F06C674EFC.min.js
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:262b:f200:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2e23f6829451919d75ef0635c64550cfa9bb5e13c82f25d7b1ea11090324f3ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 07:44:40 GMT
via: 1.1 dbc7e30405074db3df74774e77df3fde.cloudfront.net (CloudFront)
last-modified: Wed, 20 Sep 2023 04:17:29 GMT
x-amz-cf-pop: CDG52-P5
age: 3570032
etag: "7514e65e79ebd91:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 49504
x-amz-cf-id: 9dRX3zyZzB4s-jXzUCN28BEKdNpOeTXu47am8uR6a7jJyzrM7UNrtQ==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 17b644b9-1d60-4ac5-a30b-a4c6cca8496c.png
cdn3.rallybound.com/Content/images/img/21351/1043971/w0-h90-keep-height/ 9 KB
9 KB 152ms
151ms Image
image/png 2600:9000:262b:f200:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/Content/images/img/21351/1043971/w0-h90-keep-height/17b644b9-1d60-4ac5-a30b-a4c6cca8496c.png
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:262b:f200:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 40a224f209280ee86f5afadc2fbac9cd99f13d6782f9b7854b493679e5ee2f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 19:17:59 GMT
via: 1.1 dbc7e30405074db3df74774e77df3fde.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 13:50:10 GMT
x-amz-cf-pop: CDG52-P5
age: 2318833
etag: "f573111536c9d91:0"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 9274
x-amz-cf-id: iufebWFFtj9N9JB5WCXVXGQMPlKRs4yC5wiEg42vR_JaA6tABE_9hA==

GET
H2 200 426f2808-bca7-47ce-a69b-7400339ffbc6.png
cdn3.rallybound.com/Content/images/img/21351/1065645/w618-h270/ 40 KB
40 KB 153ms
152ms Image
image/png 2600:9000:262b:f200:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/Content/images/img/21351/1065645/w618-h270/426f2808-bca7-47ce-a69b-7400339ffbc6.png
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:262b:f200:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 095c24b97563d308cbd2bc133139cb14b14a5fa3ec5521470811027342f19a1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 19:17:59 GMT
via: 1.1 dbc7e30405074db3df74774e77df3fde.cloudfront.net (CloudFront)
last-modified: Thu, 05 Oct 2023 14:44:14 GMT
x-amz-cf-pop: CDG52-P5
age: 2318833
etag: "56ef52699af7d91:0"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 40728
x-amz-cf-id: dDxbv8oRMiSFUKxORM14p_GrM0xR2Er4naLP7fX9at9lSjmDuFik7Q==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 75ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KYX847QR49&gtm=45je3au1v9119014892&_p=943995826&gcd=11l1l1l1l1&cid=1022906022.1698852313&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698852313&sct=1&seg=0&dl=https%3A%2F%2Fgive.cff.org%2Flt%2FDonate%3Frbref%3D23Itsupport2%26donate%3D100&dt=Donate%20-%20Cystic%20Fibrosis%20Foundation&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.117%20Safari%2F537.36&ep.etype=STANDALONE
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KYX847QR49&l=analyticsDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 15:25:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.cff.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 auto-complete-pixabay.CBB7EBB166D6AB2D8D54EFC61E70C4A4.min.js Show response
cdn3.rallybound.com/Content/js/ 4 KB
4 KB 30ms
30ms Script
application/javascript 2600:9000:262b:f200:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/js/auto-complete-pixabay.CBB7EBB166D6AB2D8D54EFC61E70C4A4.min.js
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:262b:f200:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32b3a9ad347203cff125001296cd6277daa9ee0515f5e05bd28453187e420277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:51:44 GMT
via: 1.1 dbc7e30405074db3df74774e77df3fde.cloudfront.net (CloudFront)
last-modified: Wed, 13 Sep 2023 04:29:36 GMT
x-amz-cf-pop: CDG52-P5
age: 3717208
etag: "9869e7fae5d91:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 3833
x-amz-cf-id: nVgyYUsw3MeOJkN-i51TVGU9avbhukf4zHDE5DkOiJYaVv4JlY-RLw==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 donate-v2-new.B5E9DA83FFE3C92A8FC08D63FAF6A9DC.min.js Show response
cdn3.rallybound.com/Content/js/ 321 KB
322 KB 33ms
32ms Script
application/javascript 2600:9000:262b:f200:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/js/donate-v2-new.B5E9DA83FFE3C92A8FC08D63FAF6A9DC.min.js
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:262b:f200:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0f087f08869fe2a4d00da776a70143a4f9a7008143d390eb5060cf934ad7c91b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 04:20:36 GMT
via: 1.1 dbc7e30405074db3df74774e77df3fde.cloudfront.net (CloudFront)
last-modified: Wed, 27 Sep 2023 04:15:36 GMT
x-amz-cf-pop: CDG52-P5
age: 3063876
etag: "8f59f343f9f0d91:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 328870
x-amz-cf-id: vQgykf5J2JXJIg5DFEq7GwP9vuqJt6WhJrKHI_hpohm5dJHjBwEyGQ==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 siteseal_gd_3_h_l_m.gif
cdn3.rallybound.com/Content/Global/img/ 17 KB
17 KB 32ms
32ms Image
image/gif 2600:9000:262b:f200:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/Content/Global/img/siteseal_gd_3_h_l_m.gif
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:262b:f200:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0201106038df301456922c2a5367249f9a0904ac57ff35f20641a2fe3ddc325c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 06:19:17 GMT
via: 1.1 dbc7e30405074db3df74774e77df3fde.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
x-amz-cf-pop: CDG52-P5
age: 3661555
etag: "418787fbe04d71:0"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 16946
x-amz-cf-id: k_zqNwpqTAOHl8t7vq4ndh_8YYIYmAUUKcUlrzU-Clyh4dh3rbVzWQ==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 on-dark.svg
cdn3.rallybound.com/content/fundraise/ 21 KB
21 KB 33ms
32ms Image
image/svg+xml 2600:9000:262b:f200:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/content/fundraise/on-dark.svg
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:262b:f200:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9db0d214e302091d8f91eeb2c8ce00c7e718941b3f9600a2b847104898f3c672

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 14:15:21 GMT
via: 1.1 dbc7e30405074db3df74774e77df3fde.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
x-amz-cf-pop: CDG52-P5
age: 4324192
etag: "f97717fbe04d71:0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 21339
x-amz-cf-id: DBQowNExLH0FnY2F_xztlkQggqoYNGpRwXlc43BxTyCMBQjUiyLZXg==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 main-btm-v2.B2AC4A51DC2B6170E7C9E987F1124B72.min.js Show response
cdn3.rallybound.com/Content/js/ 13 KB
14 KB 39ms
38ms Script
application/javascript 2600:9000:262b:f200:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/js/main-btm-v2.B2AC4A51DC2B6170E7C9E987F1124B72.min.js
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:262b:f200:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f697abfe44d3f76eafaad4c72104effb51d7d3e8108876f989bf4aeb973d1389

Request headers

Referer: https://give.cff.org/
Origin: https://give.cff.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 05:17:09 GMT
via: 1.1 5a9550d4545f6d824ddf769a7aa0f164.cloudfront.net (CloudFront)
last-modified: Wed, 20 Sep 2023 04:17:22 GMT
x-amz-cf-pop: CDG52-P5
age: 3665284
etag: "7934895a79ebd91:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 13448
x-amz-cf-id: kUfw-YzG-CDBMoEhzGIirV9UC9Ibk2RJjJnINLDobR4SOSbSXyP4jQ==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 spacer.png
give.cff.org/Content/Global/img/ 184 B
263 B 350ms
349ms Image
image/png 52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.cff.org/Content/Global/img/spacer.png
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.188.24.159 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 767ede4ae50d636fb229ebc63fed6a93e12067c52434a37f55c3eb93caea4421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:13 GMT
last-modified: Wed, 17 Feb 2021 03:57:17 GMT
etag: "7be989fbe04d71:0"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 184
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 nav-bar-org.png
give.cff.org/Content/Global/img/ 1 KB
2 KB 349ms
348ms Image
image/png 52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.cff.org/Content/Global/img/nav-bar-org.png
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.188.24.159 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ad4269a4b821427897a9544eaa3a79d43ac5e29a26e3bffb26a403e160d9648c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:13 GMT
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
etag: "bcfd7dfbe04d71:0"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 1517
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ 120 KB
56 KB 223ms
44ms Script
text/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: give.cff.org
URL: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707

Request headers

Referer: https://give.cff.org/
Origin: https://give.cff.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:13 GMT
content-encoding: br
last-modified: Wed, 20 Sep 2023 16:12:29 GMT
x-ms-meta-aijssdkver: 2.8.16
vary: Accept-Encoding
x-azure-ref: 20231101T152513Z-u8bqygdkyx39r959u62gyp6xts000000021g00000000cbqh
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 280a9770-a01e-00e8-0837-0ad5ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.16.min.js

GET
H2 200 blackSelMod-w.png
cdn3.rallybound.com/Content/Global/img/ 1023 B
1 KB 37ms
36ms Image
image/png 2600:9000:262b:f200:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/Content/Global/img/blackSelMod-w.png
Requested by: Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/css/21351.standalone-override.162131E658E41A48F88E347B42B1E94A.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:262b:f200:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d645ed2e72da8bbed4824b0adc7214794f7c29fac2ede1728b56ae54eea61d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn3.rallybound.com/Content/css/21351.standalone-override.162131E658E41A48F88E347B42B1E94A.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 17:34:12 GMT
via: 1.1 dbc7e30405074db3df74774e77df3fde.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
x-amz-cf-pop: CDG52-P5
age: 3880261
etag: "ccc363fbe04d71:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 1023
x-amz-cf-id: hz_CBwnmZFW4nv4Ode9cMZH1CFUGVNWHBxAAZiMKxHeO5hnx0NoTOQ==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 202ms
43ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.cff.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 04:39:37 GMT
x-content-type-options: nosniff
age: 557136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 04:39:37 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 213ms
54ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.cff.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 21:18:33 GMT
x-content-type-options: nosniff
age: 324400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 21:18:33 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 201ms
42ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.cff.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 07:55:38 GMT
x-content-type-options: nosniff
age: 372575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 07:55:38 GMT

POST
H2 200 GetMatchedAmount Show response
give.cff.org/lt/Donate/ 522 B
587 B 304ms
303ms XHR
application/json 52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://give.cff.org/lt/Donate/GetMatchedAmount

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.188.24.159 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3fda0eb83eea5bc4287cf8a530724dfdd503a38906e0b35ad137910e3f868f49

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' admin.rallybound.com cff.org *.cff.org; report-uri https://rest.rallybound.com/api/cspreport;
Strict-Transport-Security	max-age=15552000;

Request headers

Accept: */*
Referer: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
pragma: no-cache
content-security-policy: frame-ancestors 'self' admin.rallybound.com cff.org *.cff.org; report-uri https://rest.rallybound.com/api/cspreport;
strict-transport-security: max-age=15552000;
date: Wed, 01 Nov 2023 15:25:13 GMT
content-type: application/json; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store
content-length: 522
expires: -1

GET
H2 200 blue-cstm.png
cdn3.rallybound.com/Content/Global/vendor/icheck/skins/minimal/ 2 KB
2 KB 31ms
30ms Image
image/png 2600:9000:262b:f200:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/Content/Global/vendor/icheck/skins/minimal/blue-cstm.png
Requested by: Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/css/21351.standalone-override.162131E658E41A48F88E347B42B1E94A.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:262b:f200:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e98d83a980cf0254bc5414ba21000bc3f0ad82260054125cd887ad51b6a10489

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn3.rallybound.com/Content/css/21351.standalone-override.162131E658E41A48F88E347B42B1E94A.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 05:20:58 GMT
via: 1.1 dbc7e30405074db3df74774e77df3fde.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 03:57:17 GMT
x-amz-cf-pop: CDG52-P5
age: 3578654
etag: "34e8a8fbe04d71:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 2036
x-amz-cf-id: sobk0grahM-UvYWLmsRaV_xruGJiUHxIpzXvQStcRCGn9DEVljVZJQ==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 Root Show response
payments.rallybound.com/iframe/ Frame FB64 6 KB
4 KB 660ms
385ms Document
text/html 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/main-top-w-standalone.DD23FFDBB4503265FB00696FA6939A4C.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

099802dc3ec23516ae81a5b4049ab2f1a7b0b6bc5fe6eff6eb3665c9c72f3414

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

Referer: https://give.cff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type: text/html; charset=utf-8
date: Wed, 01 Nov 2023 15:25:14 GMT
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ 464 KB
186 KB 107ms
24ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=renderAllCaptchas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72514e9f2f3de452cc34255e7a688e532b2b738cb8db80e0430c81823574f61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.cff.org/
Origin: https://give.cff.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 07:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190277
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 07:01:32 GMT

GET
H2 200 mobile-detect.js Show response
give.cff.org/Content/Global/js/ 73 KB
73 KB 251ms
250ms Script
application/javascript 52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://give.cff.org/Content/Global/js/mobile-detect.js
Requested by: Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/main-top-w-standalone.DD23FFDBB4503265FB00696FA6939A4C.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.188.24.159 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 85926acd66622d5a7ead093a3910facfe721a772b5f855b22c25e639e90ede05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.cff.org/lt/Donate?rbref=23Itsupport2&donate=100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:13 GMT
last-modified: Wed, 17 Feb 2021 03:57:17 GMT
etag: "56d595fbe04d71:0"
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 74643
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 8D7B 58 KB
33 KB 51ms
50ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9naXZlLmNmZi5vcmc6NDQz&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=qpevf1ynb7nn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a015153d6beeb92050abf29f6962a6ca75e41f19764bc2f06e556f81f897762e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t2u04O-0doTW9eSGREg0SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.cff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-t2u04O-0doTW9eSGREg0SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 15:25:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame 8D7B 55 KB
24 KB 66ms
25ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9naXZlLmNmZi5vcmc6NDQz&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=qpevf1ynb7nn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 22:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 22:03:16 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame 8D7B 464 KB
186 KB 50ms
24ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72514e9f2f3de452cc34255e7a688e532b2b738cb8db80e0430c81823574f61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 07:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190277
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 07:01:32 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 8D7B 102 B
135 B 32ms
32ms Other
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

30975b0b631b9f6f88072ddf89478e63d755bff1d6cc5d6d799790067438c578

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9naXZlLmNmZi5vcmc6NDQz&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=qpevf1ynb7nn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 01 Nov 2023 15:25:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FB64 3 KB
539 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 15:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 15:09:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 15:25:14 GMT

GET
H2 200 main.css
payments.rallybound.com/css/ Frame FB64 4 KB
2 KB 119ms
118ms Stylesheet
text/css 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Thu, 17 Aug 2023 11:03:56 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1d9d0fa840d271c"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 3b.min.js Show response
payments.rallybound.com/min/ Frame FB64 107 KB
47 KB 120ms
119ms Script
application/javascript 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/min/3b.min.js?v=hY2cEKciDRLA1QVw2r-wcj1OLMqjzMKZpKcRg07_6EM

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

858d9c10a7220d12c0d50570dabfb0723d4e2ccaa3ccc299a4a711834effe843

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Thu, 17 Aug 2023 11:04:34 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1d9d0fa9ab226be"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 8D7B 33 KB
19 KB 106ms
105ms XHR
application/json 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

729a375aa31372e4503a494b1b8c3e3b0ccfc0a9b991ee89713756cd40136b9a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9naXZlLmNmZi5vcmc6NDQz&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=qpevf1ynb7nn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 01 Nov 2023 15:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 01 Nov 2023 15:25:14 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ 2 KB
2 KB 19ms
19ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/css/21351.standalone-override.162131E658E41A48F88E347B42B1E94A.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn3.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 00:18:29 GMT
x-content-type-options: nosniff
age: 486405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 03 Nov 2023 00:18:29 GMT

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ Frame FB64 120 KB
56 KB 47ms
47ms Script
text/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707

Request headers

Referer: https://payments.rallybound.com/
Origin: https://payments.rallybound.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:15 GMT
content-encoding: br
last-modified: Wed, 20 Sep 2023 16:12:29 GMT
x-ms-meta-aijssdkver: 2.8.16
vary: Accept-Encoding
x-azure-ref: 20231101T152515Z-u8bqygdkyx39r959u62gyp6xts000000021g00000000cc3b
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 280a9770-a01e-00e8-0837-0ad5ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.16.min.js

GET
H2 200 CardNumber Show response
payments.rallybound.com/iframe/ Frame 85C6 11 KB
5 KB 124ms
124ms Document
text/html 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f6b3e2463875c4e7b714b24187f3e16790c38f72e10536af9cf81ceeda6dbadc

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

Referer: https://give.cff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type: text/html; charset=utf-8
date: Wed, 01 Nov 2023 15:25:15 GMT
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport

GET
H2 200 CardMonth Show response
payments.rallybound.com/iframe/ Frame 07B1 10 KB
5 KB 127ms
127ms Document
text/html 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

52e06fdbb46b1a397c2e5f7efd47833c76a045e0ddaa97f5e2877be831e89d9d

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

Referer: https://give.cff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type: text/html; charset=utf-8
date: Wed, 01 Nov 2023 15:25:15 GMT
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport

GET
H2 200 CardYear Show response
payments.rallybound.com/iframe/ Frame 1D29 9 KB
4 KB 233ms
232ms Document
text/html 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

11c95515ca2f703613e1774d7e7ec17abdaf267974affeb6f6a15229b4348e74

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

Referer: https://give.cff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type: text/html; charset=utf-8
date: Wed, 01 Nov 2023 15:25:15 GMT
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport

GET
H2 200 CardCvv Show response
payments.rallybound.com/iframe/ Frame 462C 9 KB
4 KB 225ms
225ms Document
text/html 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ac7620f8d2ccaea92741dfb743e03970e2d39c4193172bab76ec44ecc392fec8

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

Referer: https://give.cff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type: text/html; charset=utf-8
date: Wed, 01 Nov 2023 15:25:15 GMT
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport

GET
H3 200 css
fonts.googleapis.com/ Frame 85C6 3 KB
443 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 15:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 13:52:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 15:25:15 GMT

GET
H2 200 main.css
payments.rallybound.com/css/ Frame 85C6 4 KB
2 KB 121ms
120ms Stylesheet
text/css 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Thu, 17 Aug 2023 11:03:56 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1d9d0fa840d271c"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 3b.min.js Show response
payments.rallybound.com/min/ Frame 85C6 107 KB
47 KB 212ms
212ms Script
application/javascript 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/min/3b.min.js?v=hY2cEKciDRLA1QVw2r-wcj1OLMqjzMKZpKcRg07_6EM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

858d9c10a7220d12c0d50570dabfb0723d4e2ccaa3ccc299a4a711834effe843

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Thu, 17 Aug 2023 11:04:34 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1d9d0fa9ab226be"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H3 200 css
fonts.googleapis.com/ Frame 07B1 3 KB
443 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 15:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 13:41:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 15:25:15 GMT

GET
H2 200 main.css
payments.rallybound.com/css/ Frame 07B1 4 KB
2 KB 657ms
657ms Stylesheet
text/css 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Thu, 17 Aug 2023 11:03:56 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1d9d0fa840d271c"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 3b.min.js Show response
payments.rallybound.com/min/ Frame 07B1 107 KB
47 KB 550ms
549ms Script
application/javascript 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/min/3b.min.js?v=hY2cEKciDRLA1QVw2r-wcj1OLMqjzMKZpKcRg07_6EM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

858d9c10a7220d12c0d50570dabfb0723d4e2ccaa3ccc299a4a711834effe843

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Thu, 17 Aug 2023 11:04:34 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1d9d0fa9ab226be"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

OPTIONS
H2 200 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 739ms
231ms Preflight 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments.rallybound.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Wed, 01 Nov 2023 15:25:15 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-request-id: 969e426e-cac2-40aa-baee-73acbd4251ca

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ Frame FB64 49 B
159 B 122ms
122ms XHR
application/json 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://payments.rallybound.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 15:25:15 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
x-request-id: 1f715651-1145-484c-9933-673c432d9697
content-type: application/json; charset=utf-8

GET
H3 200 css
fonts.googleapis.com/ Frame 462C 3 KB
443 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 15:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 15:05:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 15:25:15 GMT

GET
H2 200 main.css
payments.rallybound.com/css/ Frame 462C 4 KB
2 KB 555ms
555ms Stylesheet
text/css 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Thu, 17 Aug 2023 11:03:56 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1d9d0fa840d271c"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 3b.min.js Show response
payments.rallybound.com/min/ Frame 462C 107 KB
47 KB 555ms
554ms Script
application/javascript 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/min/3b.min.js?v=hY2cEKciDRLA1QVw2r-wcj1OLMqjzMKZpKcRg07_6EM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

858d9c10a7220d12c0d50570dabfb0723d4e2ccaa3ccc299a4a711834effe843

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Thu, 17 Aug 2023 11:04:34 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1d9d0fa9ab226be"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H3 200 css
fonts.googleapis.com/ Frame 1D29 3 KB
443 B 268ms
268ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 15:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 13:54:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 15:25:15 GMT

GET
H2 200 main.css
payments.rallybound.com/css/ Frame 1D29 4 KB
2 KB 548ms
547ms Stylesheet
text/css 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Thu, 17 Aug 2023 11:03:56 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1d9d0fa840d271c"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 3b.min.js Show response
payments.rallybound.com/min/ Frame 1D29 107 KB
47 KB 548ms
547ms Script
application/javascript 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/min/3b.min.js?v=hY2cEKciDRLA1QVw2r-wcj1OLMqjzMKZpKcRg07_6EM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

858d9c10a7220d12c0d50570dabfb0723d4e2ccaa3ccc299a4a711834effe843

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Thu, 17 Aug 2023 11:04:34 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
etag: "1d9d0fa9ab226be"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 card.svg
payments.rallybound.com/img/payment-icons-master/ Frame 85C6 604 B
966 B 622ms
622ms Image
image/svg+xml 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payments.rallybound.com/img/payment-icons-master/card.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

da6299bb24777fe5d85158300b55a0c55374f6653b8ad396e57d3a64d2483dc5

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:15 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
last-modified: Thu, 17 Aug 2023 11:03:56 GMT
etag: "1d9d0fa840d345c"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 604
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 85C6 23 KB
23 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payments.rallybound.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 04:39:37 GMT
x-content-type-options: nosniff
age: 557138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 04:39:37 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 85C6 23 KB
23 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payments.rallybound.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 07:55:38 GMT
x-content-type-options: nosniff
age: 372577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 07:55:38 GMT

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ Frame 85C6 120 KB
56 KB 100ms
100ms Script
text/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707

Request headers

Referer: https://payments.rallybound.com/
Origin: https://payments.rallybound.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:15 GMT
content-encoding: br
last-modified: Wed, 20 Sep 2023 16:12:29 GMT
x-ms-meta-aijssdkver: 2.8.16
vary: Accept-Encoding
x-azure-ref: 20231101T152515Z-u8bqygdkyx39r959u62gyp6xts000000021g00000000cc8m
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 280a9770-a01e-00e8-0837-0ad5ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.16.min.js

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ Frame 07B1 120 KB
56 KB 51ms
51ms Script
text/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707

Request headers

Referer: https://payments.rallybound.com/
Origin: https://payments.rallybound.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:16 GMT
content-encoding: br
last-modified: Wed, 20 Sep 2023 16:12:29 GMT
x-ms-meta-aijssdkver: 2.8.16
vary: Accept-Encoding
x-azure-ref: 20231101T152516Z-u8bqygdkyx39r959u62gyp6xts000000021g00000000ccbg
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 280a9770-a01e-00e8-0837-0ad5ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.16.min.js

GET
H2 200 blackSelMod-w.png
payments.rallybound.com/img/ Frame 07B1 1023 B
1 KB 435ms
434ms Image
image/png 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payments.rallybound.com/img/blackSelMod-w.png

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8d645ed2e72da8bbed4824b0adc7214794f7c29fac2ede1728b56ae54eea61d3

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:16 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
last-modified: Thu, 17 Aug 2023 11:03:56 GMT
etag: "1d9d0fa840d35ff"
content-type: image/png
accept-ranges: bytes
content-length: 1023
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 07B1 23 KB
23 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payments.rallybound.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 04:39:37 GMT
x-content-type-options: nosniff
age: 557139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 04:39:37 GMT

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ Frame 462C 120 KB
56 KB 43ms
43ms Script
text/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707

Request headers

Referer: https://payments.rallybound.com/
Origin: https://payments.rallybound.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:16 GMT
content-encoding: br
last-modified: Wed, 20 Sep 2023 16:12:29 GMT
x-ms-meta-aijssdkver: 2.8.16
vary: Accept-Encoding
x-azure-ref: 20231101T152516Z-u8bqygdkyx39r959u62gyp6xts000000021g00000000ccdr
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 280a9770-a01e-00e8-0837-0ad5ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.16.min.js

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 462C 23 KB
23 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payments.rallybound.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 04:39:37 GMT
x-content-type-options: nosniff
age: 557139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 04:39:37 GMT

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 462C 23 KB
23 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payments.rallybound.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 07:55:38 GMT
x-content-type-options: nosniff
age: 372578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 07:55:38 GMT

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ Frame 1D29 120 KB
56 KB 37ms
37ms Script
text/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm548942507&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707

Request headers

Referer: https://payments.rallybound.com/
Origin: https://payments.rallybound.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:16 GMT
content-encoding: br
last-modified: Wed, 20 Sep 2023 16:12:29 GMT
x-ms-meta-aijssdkver: 2.8.16
vary: Accept-Encoding
x-azure-ref: 20231101T152516Z-u8bqygdkyx39r959u62gyp6xts000000021g00000000ccf7
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 280a9770-a01e-00e8-0837-0ad5ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.16.min.js

GET
H2 200 blackSelMod-w.png
payments.rallybound.com/img/ Frame 1D29 1023 B
1 KB 117ms
116ms Image
image/png 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payments.rallybound.com/img/blackSelMod-w.png

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8d645ed2e72da8bbed4824b0adc7214794f7c29fac2ede1728b56ae54eea61d3

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:25:16 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
last-modified: Thu, 17 Aug 2023 11:03:56 GMT
etag: "1d9d0fa840d35ff"
content-type: image/png
accept-ranges: bytes
content-length: 1023
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 1D29 23 KB
23 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payments.rallybound.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 04:39:37 GMT
x-content-type-options: nosniff
age: 557139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 04:39:37 GMT

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ Frame 462C 49 B
136 B 118ms
118ms XHR
application/json 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://payments.rallybound.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 15:25:16 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
x-request-id: db42273f-2069-40e3-b927-b7378a0c14f4
content-type: application/json; charset=utf-8

OPTIONS
H2 200 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 117ms
116ms Preflight 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments.rallybound.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Wed, 01 Nov 2023 15:25:16 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-request-id: 628cd677-c543-436b-aff1-528960a47ec4

OPTIONS
H2 200 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 140ms
140ms Preflight 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments.rallybound.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Wed, 01 Nov 2023 15:25:16 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-request-id: d7f6ae2e-4406-4a46-ae21-1b011ea0ef2a

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ Frame 85C6 49 B
136 B 287ms
287ms XHR
application/json 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://payments.rallybound.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 15:25:16 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
x-request-id: 80a26a32-91de-432e-a998-b5456bfd3994
content-type: application/json; charset=utf-8

OPTIONS
H2 200 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 164ms
164ms Preflight 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments.rallybound.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Wed, 01 Nov 2023 15:25:16 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-request-id: d6d14f0c-bbe1-4106-b387-e9efd611f51b

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ Frame 07B1 49 B
137 B 240ms
240ms XHR
application/json 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://payments.rallybound.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 15:25:16 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
x-request-id: 5970b726-7bd8-41f9-8d75-663a95f326a0
content-type: application/json; charset=utf-8

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ Frame 1D29 51 B
139 B 165ms
165ms XHR
application/json 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a4e2dd95d0548168577efb2431f913e7a42e310d919c18571906f9a8e5351e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://payments.rallybound.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 15:25:16 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
x-request-id: b64dbde8-d4ce-4313-bbfe-b4ba2847f64b
content-type: application/json; charset=utf-8

OPTIONS
H2 200 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 143ms
143ms Preflight 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments.rallybound.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Wed, 01 Nov 2023 15:25:16 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-request-id: 086d116c-5d1e-4886-8d49-af5e02d9e290

OPTIONS
H2 200 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 271ms
271ms Preflight 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.cff.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Wed, 01 Nov 2023 15:25:16 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-request-id: 8896ab32-642f-4a36-8030-eb3e2ced6c24

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ 49 B
136 B 118ms
117ms XHR
application/json 52.188.247.144
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.144 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

202f50229347a82b54f1ea61db1da9cf154cc6c319ac11b6715dadf8b426dcee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.cff.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 15:25:16 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
x-request-id: 2d7ddc14-b4db-48bc-997d-5eeae9a5f95d
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

475 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 20:13:24	Name: _GRECAPTCHA Value: 09ALsHHK3XIIOOWx53s_nFSSVn5LzLCLQycbu6jqWG4b9wplhIMaAT8n7c5byLcEfD8AV-wxDT5ak2WAQV3jK2-2U
t.e2ma.net/	1970-01-20 16:04:17	Name: AWSALB Value: bVAXqzid6u0X/95rWLPikPBCRuwzBtRI79VtToxsYzwmiqge7HZ4EC9ice3r4kIk50HNBfxVSGSVEs6v42qyXUgMMPIC/wcA0tZp1MCaXuO8tndFTjNbr/OUn4uS
t.e2ma.net/	1970-01-20 16:04:17	Name: AWSALBCORS Value: bVAXqzid6u0X/95rWLPikPBCRuwzBtRI79VtToxsYzwmiqge7HZ4EC9ice3r4kIk50HNBfxVSGSVEs6v42qyXUgMMPIC/wcA0tZp1MCaXuO8tndFTjNbr/OUn4uS
.give.cff.org/	1969-12-31 23:59:59	Name: .rbsession4 Value: guoq2gi3jxijp5nhr3os2btr
.give.cff.org/	1970-01-21 01:30:12	Name: _ga_KYX847QR49 Value: GS1.3.1698852313.1.0.1698852313.0.0.0
.give.cff.org/	1970-01-21 01:30:12	Name: _ga Value: GA1.3.1022906022.1698852313
give.cff.org/	1969-12-31 23:59:59	Name: donation-reminder-session Value: 0.27673695344994664
give.cff.org/	1970-01-21 00:39:48	Name: ai_user Value: U9Ir+lOWBn78aKPztCNiRN\|2023-11-01T15:25:14.004Z
give.cff.org/	1970-01-20 15:54:14	Name: ai_session Value: PQDyXPRlp4QPNBbBcivbe6\|1698852314008\|1698852314008
.payments.rallybound.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 0d1e6f3f908983d38651c7c240778c4ff4c117c200cba03f748f9172fe2e19ef
payments.rallybound.com/	1970-01-21 00:39:48	Name: ai_user Value: zC2DSsdrBo6iA5OGT5RG9W\|2023-11-01T15:25:15.112Z
payments.rallybound.com/	1970-01-20 15:54:14	Name: ai_session Value: Iw+CATWeirNZqdB3WuMgtK\|1698852315214\|1698852316697

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' admin.rallybound.com cff.org *.cff.org; report-uri https://rest.rallybound.com/api/cspreport;
Strict-Transport-Security	max-age=15552000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn3.rallybound.com
code.jquery.com
eastus-0.in.applicationinsights.azure.com
fonts.googleapis.com
fonts.gstatic.com
give.cff.org
js.monitor.azure.com
payments.rallybound.com
region1.google-analytics.com
t.e2ma.net
www.google.com
www.googletagmanager.com
www.gstatic.com
2001:4860:4802:32::36
2600:9000:262b:f200:d:7e10:cb00:93a1
2620:1ec:46::45
2a00:1450:4001:800::200a
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:812::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a04:4e42::649
34.193.192.127
52.151.222.61
52.188.24.159
52.188.247.144
01ceac19d4db649328dab8cb759c7bcba6e3ca9f3605723bc0fdd80c1c4d2c2e
0201106038df301456922c2a5367249f9a0904ac57ff35f20641a2fe3ddc325c
0653a1690f3c2556620f4199ce477ff12183e713edb38a925842966c71977c7f
095c24b97563d308cbd2bc133139cb14b14a5fa3ec5521470811027342f19a1e
099802dc3ec23516ae81a5b4049ab2f1a7b0b6bc5fe6eff6eb3665c9c72f3414
0f087f08869fe2a4d00da776a70143a4f9a7008143d390eb5060cf934ad7c91b
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
119e52a813937de0e484171a541a11e87f6d241aa9f7cbc1075d85db417f94b4
11c95515ca2f703613e1774d7e7ec17abdaf267974affeb6f6a15229b4348e74
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
202f50229347a82b54f1ea61db1da9cf154cc6c319ac11b6715dadf8b426dcee
204e13bfd3004a5cdfc5bec849234b70da8b74fe9c4b8e0b4dcb77d40653f0dc
2e23f6829451919d75ef0635c64550cfa9bb5e13c82f25d7b1ea11090324f3ef
2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19
30975b0b631b9f6f88072ddf89478e63d755bff1d6cc5d6d799790067438c578
32b3a9ad347203cff125001296cd6277daa9ee0515f5e05bd28453187e420277
3fda0eb83eea5bc4287cf8a530724dfdd503a38906e0b35ad137910e3f868f49
40a224f209280ee86f5afadc2fbac9cd99f13d6782f9b7854b493679e5ee2f4a
4122ec76cfe36f6e64359e81f16dc9902781dae082df0f497232692792485ad8
52e06fdbb46b1a397c2e5f7efd47833c76a045e0ddaa97f5e2877be831e89d9d
63f6def9094bb09a31716f21c2b94470efe425fba4f78803220efc3d84817d1b
6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707
72514e9f2f3de452cc34255e7a688e532b2b738cb8db80e0430c81823574f61f
729a375aa31372e4503a494b1b8c3e3b0ccfc0a9b991ee89713756cd40136b9a
72d9830a52597d534ae8f47eabb35eef20d343180a2e06417b7aa9784fc8e40c
767ede4ae50d636fb229ebc63fed6a93e12067c52434a37f55c3eb93caea4421
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
858d9c10a7220d12c0d50570dabfb0723d4e2ccaa3ccc299a4a711834effe843
85926acd66622d5a7ead093a3910facfe721a772b5f855b22c25e639e90ede05
89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321
8d645ed2e72da8bbed4824b0adc7214794f7c29fac2ede1728b56ae54eea61d3
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012
9db0d214e302091d8f91eeb2c8ce00c7e718941b3f9600a2b847104898f3c672
a015153d6beeb92050abf29f6962a6ca75e41f19764bc2f06e556f81f897762e
a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958
a4e2dd95d0548168577efb2431f913e7a42e310d919c18571906f9a8e5351e52
ac7620f8d2ccaea92741dfb743e03970e2d39c4193172bab76ec44ecc392fec8
ad4269a4b821427897a9544eaa3a79d43ac5e29a26e3bffb26a403e160d9648c
b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905
bdd662a2ac39ba9452143e6f7769c1f279c663227d78c599dcb81b2d0365e92f
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
da6299bb24777fe5d85158300b55a0c55374f6653b8ad396e57d3a64d2483dc5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98d83a980cf0254bc5414ba21000bc3f0ad82260054125cd887ad51b6a10489
f59db7776a7adccf8fb4a7c9cd612008f56a5ecc31a87c2f968f556dd0fc6b29
f697abfe44d3f76eafaad4c72104effb51d7d3e8108876f989bf4aeb973d1389
f6b3e2463875c4e7b714b24187f3e16790c38f72e10536af9cf81ceeda6dbadc
fc2e5798ba2f836daefe1fa3dbcabc1a80a7f918495b8cbbdd10fc5fb7f6b2d6

give.cff.org Open in urlscan Pro 52.188.24.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

100 %HTTPS

71 %IPv6

10 Domains

14 Subdomains

13 IPs

2 Countries

3313 kBTransfer

4837 kBSize

12 Cookies

7 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

give.cff.org Open in urlscan Pro
52.188.24.159 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

100 %
HTTPS

71 %
IPv6

10
Domains

14
Subdomains

13
IPs

2
Countries

3313 kB
Transfer

4837 kB
Size

12
Cookies

84 HTTP transactions
0 data transactions