www.familiesrenewed.org Open in urlscan Pro
209.182.204.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.familiesrenewed.org/
Effective URL:
https://www.familiesrenewed.org/
Submission: On November 18 via api (November 18th 2023, 9:33:40 pm UTC) from AU — Scanned from AU

Summary HTTP 129 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 28 IPs in 3 countries across 22 domains to perform 129 HTTP transactions. The main IP is 209.182.204.176, located in United States and belongs to IMH-IAD, US. The main domain is www.familiesrenewed.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 2nd 2023. Valid for: 3 months.

This is the only time www.familiesrenewed.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	209.182.204.176 209.182.204.176	54641 (IMH-IAD) (IMH-IAD)
1	104.20.36.218 104.20.36.218	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	172.217.24.46 172.217.24.46	15169 (GOOGLE) (GOOGLE)
20	104.20.37.218 104.20.37.218	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.221.67 142.251.221.67	15169 (GOOGLE) (GOOGLE)
1 2	172.217.167.66 172.217.167.66	15169 (GOOGLE) (GOOGLE)
1	172.217.24.38 172.217.24.38	15169 (GOOGLE) (GOOGLE)
4	172.217.24.42 172.217.24.42	15169 (GOOGLE) (GOOGLE)
1	172.217.167.100 172.217.167.100	15169 (GOOGLE) (GOOGLE)
1	172.217.24.54 172.217.24.54	15169 (GOOGLE) (GOOGLE)
1	172.217.167.65 172.217.167.65	15169 (GOOGLE) (GOOGLE)
2	142.250.66.195 142.250.66.195	15169 (GOOGLE) (GOOGLE)
2	172.217.24.40 172.217.24.40	15169 (GOOGLE) (GOOGLE)
2 4	104.17.3.184 104.17.3.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	172.67.72.79 172.67.72.79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.66.234 142.250.66.234	15169 (GOOGLE) (GOOGLE)
22	172.64.147.188 172.64.147.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
6	18.67.111.45 18.67.111.45	16509 (AMAZON-02) (AMAZON-02)
2	18.154.144.16 18.154.144.16	16509 (AMAZON-02) (AMAZON-02)
8	192.229.232.89 192.229.232.89	15133 (EDGECAST) (EDGECAST)
2	104.16.56.101 104.16.56.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
4	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
2	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
2	52.37.229.91 52.37.229.91	16509 (AMAZON-02) (AMAZON-02)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
129	28

9 209.182.204.176 (United States) 1 redirects

ASN54641 (IMH-IAD, US)
PTR: server.realfinancialsolutions.com

www.familiesrenewed.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.36.218 (None, )

ASN13335 (CLOUDFLARENET, US)

widgets.givebutter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.24.46 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f46.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.20.37.218 (None, )

ASN13335 (CLOUDFLARENET, US)

givebutter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.givebutter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.221.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.167.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.24.38 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f38.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.24.42 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f10.1e100.net

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.167.100 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.24.54 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.167.65 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.66.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.24.40 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f40.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.3.184 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.67.72.79 (United States)

ASN13335 (CLOUDFLARENET, US)

givebuttercdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.66.234 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.64.147.188 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.67.111.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-45.syd62.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.154.144.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-144-16.lax50.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.229.232.89 (Marlborough, United States)

ASN15133 (EDGECAST, US)

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.56.101 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.37.229.91 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-229-91.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1492 ka-p.fontawesome.com — Cisco Umbrella Rank: 3445	68 KB
21	givebutter.com widgets.givebutter.com — Cisco Umbrella Rank: 149895 givebutter.com — Cisco Umbrella Rank: 69657 js.givebutter.com — Cisco Umbrella Rank: 138569	341 KB
14	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 m.stripe.com — Cisco Umbrella Rank: 1249	284 KB
9	givebuttercdn.com givebuttercdn.com — Cisco Umbrella Rank: 166347	4 MB
9	familiesrenewed.org 1 redirects www.familiesrenewed.org	789 KB
8	braintreegateway.com js.braintreegateway.com — Cisco Umbrella Rank: 9477	118 KB
8	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 207 maps.googleapis.com — Cisco Umbrella Rank: 393	163 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	997 KB
4	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	32 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	174 KB
4	cloudflare.com 2 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 6439	23 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 255	1 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 225	926 B
2	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 562	31 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	41 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	14 KB
2	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 14270	87 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	127 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	35 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
129	22

	Domain	Requested by
20	ka-p.fontawesome.com	kit.fontawesome.com www.familiesrenewed.org
18	givebutter.com	widgets.givebutter.com www.familiesrenewed.org givebuttercdn.com givebutter.com js.givebutter.com static.cloudflareinsights.com
9	givebuttercdn.com	givebutter.com givebuttercdn.com
9	www.familiesrenewed.org	1 redirects www.familiesrenewed.org
8	js.braintreegateway.com	givebutter.com
8	www.youtube.com	www.familiesrenewed.org www.youtube.com
6	q.stripe.com	www.familiesrenewed.org
6	js.stripe.com	givebutter.com js.stripe.com
4	m.stripe.network	js.stripe.com m.stripe.network
4	connect.facebook.net	givebutter.com connect.facebook.net
4	maps.googleapis.com	givebutter.com maps.googleapis.com
4	challenges.cloudflare.com	2 redirects givebutter.com
4	jnn-pa.googleapis.com	www.youtube.com
2	bam.nr-data.net	js-agent.newrelic.com
2	m.stripe.com	m.stripe.network
2	js-agent.newrelic.com	givebutter.com
2	www.google-analytics.com	www.googletagmanager.com
2	static.cloudflareinsights.com	givebutter.com
2	cdn.plaid.com	givebutter.com
2	js.givebutter.com	givebutter.com
2	kit.fontawesome.com	givebutter.com
2	www.googletagmanager.com	givebutter.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	widgets.givebutter.com	www.familiesrenewed.org
129	30

This site contains links to these domains. Also see Links.

Domain
merch.familiesrenewed.org
www.lifebst.org
donate.familiesrenewed.org

Subject Issuer	Validity	Valid
familiesrenewed.org cPanel, Inc. Certification Authority	`2023-10-02` - `2023-12-31`	3 months	crt.sh
widgets.givebutter.com E1	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
givebutter.com E1	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
givebuttercdn.com E1	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
js.givebutter.com E1	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-28` - `2023-11-26`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-12` - `2024-10-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.familiesrenewed.org/
Frame ID: 25CCC55063D1D15A5554697CDDA94275
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/pCsj18VgIpc
Frame ID: 87F1DAE6C97FAF17836C61F986514D51
Requests: 20 HTTP requests in this frame

Frame: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Frame ID: DFEAD258DC913DF4461F8B95242CB279
Requests: 43 HTTP requests in this frame

Frame: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Frame ID: FC2503C1A6CF75D350F87070AA2250E9
Requests: 39 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: DD87D4064E08F0EC9C34C60F30B4F093
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 495A3938460848560BA0112A1BDE72F2
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 63067209FEB11EB36E8F6EA51973D8F8
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: DFAD85A6190EAA78DBF18B080AC7AFBB
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.familiesrenewed.org/ HTTP 301
https://www.familiesrenewed.org/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Braintree (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.braintreegateway\.com

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

129
Requests

98 %
HTTPS

0 %
IPv6

22
Domains

30
Subdomains

28
IPs

3
Countries

7569 kB
Transfer

13386 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://merch.familiesrenewed.org/
Title: Merch

Search URL Search Domain Scan URL

URL: http://www.lifebst.org/
Title: LifeBST

Search URL Search Domain Scan URL

URL: https://www.lifebst.org/
Title: LifeBST

Search URL Search Domain Scan URL

URL: https://donate.familiesrenewed.org/
Title: donation

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.familiesrenewed.org/ HTTP 301
https://www.familiesrenewed.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 36

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback&render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback&render=explicit

Request Chain 52

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback&render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback&render=explicit

129 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.familiesrenewed.org/
Redirect Chain

http://www.familiesrenewed.org/
https://www.familiesrenewed.org/

21 KB
21 KB

989ms
264ms

Document
text/html

209.182.204.176
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.familiesrenewed.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.204.176 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: server.realfinancialsolutions.com
Software: Apache /
Resource Hash: 6ab2c14eb3cac4064d563b65357fd36912c118888c236c80192320b0de43f3a6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 18 Nov 2023 21:33:33 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 240
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 18 Nov 2023 21:33:33 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.familiesrenewed.org/
Server: Apache

GET
H/1.1 200
OK style.css
www.familiesrenewed.org/styles/ 5 KB
5 KB 266ms
263ms Stylesheet
text/css 209.182.204.176
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.familiesrenewed.org/styles/style.css
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.204.176 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: server.realfinancialsolutions.com
Software: Apache /
Resource Hash: 8a4afd72ae41f5b98e14911bac731d264cd2e68f38e98af3e684aac4297372da

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.familiesrenewed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 21:33:34 GMT
Last-Modified: Mon, 18 Jul 2022 18:00:47 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5060

GET
H2 200 latest.umd.cjs Show response
widgets.givebutter.com/ 173 KB
174 KB 57ms
33ms Script
application/node 104.20.36.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.givebutter.com/latest.umd.cjs?acct=CusXGBLfsIZDzWXG&p=other

Requested by

Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.36.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaca5fad2f9cc3bac80a67829c1cccd21515c2bd095fd62c6007ab69e03dd4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.familiesrenewed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:34 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
x-vercel-id: syd1::zpdkn-1700343214154-881dd1cf9d4f
server: cloudflare
age: 889404
etag: "00ebdc7f6f5fa1eb6693a1048108d508"
x-vercel-cache: HIT
content-type: application/node
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="latest.umd.cjs"
accept-ranges: bytes
cf-ray: 828355204b265744-SYD
content-length: 177609

GET
H/1.1 200
OK FamiliesRenewedWebLogo.jpg
www.familiesrenewed.org/images/ 100 KB
100 KB 498ms
258ms Image
image/jpeg 209.182.204.176
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.familiesrenewed.org/images/FamiliesRenewedWebLogo.jpg
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.204.176 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: server.realfinancialsolutions.com
Software: Apache /
Resource Hash: c5b1dc36c2cd2340958bc0ca05823d998f52df1d8a2f6081a54dea052922b96d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.familiesrenewed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 21:33:34 GMT
Last-Modified: Fri, 01 Jul 2022 23:07:20 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 101895

GET
H/1.1 200
OK 988.png
www.familiesrenewed.org/images/ 400 KB
400 KB 522ms
257ms Image
image/png 209.182.204.176
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.familiesrenewed.org/images/988.png
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.204.176 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: server.realfinancialsolutions.com
Software: Apache /
Resource Hash: ee45ce821001edb5ecbdab5cd6c546ea98b1efe780a764f90d1373567d9666c4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.familiesrenewed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 21:33:34 GMT
Last-Modified: Mon, 18 Jul 2022 16:49:34 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 409765

GET
H/1.1 200
OK hamburgerMenu2.png
www.familiesrenewed.org/images/ 64 KB
65 KB 499ms
256ms Image
image/png 209.182.204.176
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.familiesrenewed.org/images/hamburgerMenu2.png
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.204.176 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: server.realfinancialsolutions.com
Software: Apache /
Resource Hash: 57d479d609c92dfef64c0859d69c4748965fcba9fd500447854aa894f576392f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.familiesrenewed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 21:33:34 GMT
Last-Modified: Fri, 01 Jul 2022 23:07:20 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 65837

GET
H/1.1 200
OK DownCarat.png
www.familiesrenewed.org/images/ 49 KB
49 KB 502ms
260ms Image
image/png 209.182.204.176
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.familiesrenewed.org/images/DownCarat.png
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.204.176 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: server.realfinancialsolutions.com
Software: Apache /
Resource Hash: e0680cc0f398d6bcfb4cfe4108ddddc50e7f31ddc25cd19c594e185b9b3edc3f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.familiesrenewed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 21:33:34 GMT
Last-Modified: Mon, 18 Jul 2022 15:50:48 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 49771

GET
H/1.1 200
OK 20220510YorkDispatch02aLowRes.jpg
www.familiesrenewed.org/images/ 136 KB
136 KB 741ms
255ms Image
image/jpeg 209.182.204.176
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.familiesrenewed.org/images/20220510YorkDispatch02aLowRes.jpg
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.204.176 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: server.realfinancialsolutions.com
Software: Apache /
Resource Hash: 7df1b4f129de410910b2cca0f37a864df8014a3fe6cb99b790cf8910823c4695

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.familiesrenewed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 21:33:35 GMT
Last-Modified: Fri, 01 Jul 2022 23:07:19 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 139431

GET
H/1.1 200
OK brianna_dorgan.jpg
www.familiesrenewed.org/images/ 12 KB
12 KB 768ms
256ms Image
image/jpeg 209.182.204.176
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.familiesrenewed.org/images/brianna_dorgan.jpg
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.204.176 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: server.realfinancialsolutions.com
Software: Apache /
Resource Hash: d7f1f3bcab26ca243071204ab79861bf27d33a6f0f517c1247ac1934578a9e4b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.familiesrenewed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 21:33:35 GMT
Last-Modified: Fri, 01 Jul 2022 23:07:19 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12280

GET
H2 200 pCsj18VgIpc Show response
www.youtube.com/embed/ Frame 87F1 92 KB
40 KB 587ms
181ms Document
text/html 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/pCsj18VgIpc

Requested by

Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

ESF /

Resource Hash

10c5d6ca14421f630f4fe4c98f1b5e719a7eb0e36ae2324706b583d4ff1c15f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.familiesrenewed.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 21:33:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 ping
givebutter.com/elements/api/v2/CusXGBLfsIZDzWXG/ 0
0 1067ms
736ms Fetch 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givebutter.com/elements/api/v2/CusXGBLfsIZDzWXG/ping

Requested by

Host: widgets.givebutter.com
URL: https://widgets.givebutter.com/latest.umd.cjs?acct=CusXGBLfsIZDzWXG&p=other

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.familiesrenewed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:35 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000
cross-origin-embedder-policy: unsafe-none
content-security-policy: base-uri 'self'
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: sameorigin
access-control-allow-origin: https://www.familiesrenewed.org
cache-control: max-age=8784, must-revalidate, public
access-control-allow-credentials: true
permissions-policy: accelerometer=(self), autoplay=*, camera=(self), cross-origin-isolated=(self), display-capture=(self), encrypted-media=(self), fullscreen=*, geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self "https://js.stripe.com" "https://pay.google.com"), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), xr-spatial-tracking=(self)
cf-ray: 828355246e77a87c-SYD

GET
H2 200 j14K7p Show response
givebutter.com/elements/api/v2/CusXGBLfsIZDzWXG/elements/ 136 B
1 KB 1080ms
766ms Fetch
application/json 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givebutter.com/elements/api/v2/CusXGBLfsIZDzWXG/elements/j14K7p

Requested by

Host: widgets.givebutter.com
URL: https://widgets.givebutter.com/latest.umd.cjs?acct=CusXGBLfsIZDzWXG&p=other

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87bcc0b2ff0735962aca04481606d8a8f8e88ffe2d371d9e57f950fec1fdd9e8

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.familiesrenewed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:35 GMT
strict-transport-security: max-age=31536000
via: 1.1 spaces-router (devel)
cf-cache-status: DYNAMIC
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: base-uri 'self'
cross-origin-embedder-policy: unsafe-none
x-permitted-cross-domain-policies: none
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: https://www.familiesrenewed.org
cache-control: max-age=60, public
access-control-allow-credentials: true
permissions-policy: accelerometer=(self), autoplay=*, camera=(self), cross-origin-isolated=(self), display-capture=(self), encrypted-media=(self), fullscreen=*, geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self "https://js.stripe.com" "https://pay.google.com"), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), xr-spatial-tracking=(self)
cf-ray: 828355246e79a87c-SYD

GET
H2 200 j14K7p Show response
givebutter.com/elements/api/v2/CusXGBLfsIZDzWXG/elements/ 136 B
2 KB 1090ms
777ms Fetch
application/json 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givebutter.com/elements/api/v2/CusXGBLfsIZDzWXG/elements/j14K7p

Requested by

Host: widgets.givebutter.com
URL: https://widgets.givebutter.com/latest.umd.cjs?acct=CusXGBLfsIZDzWXG&p=other

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87bcc0b2ff0735962aca04481606d8a8f8e88ffe2d371d9e57f950fec1fdd9e8

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.familiesrenewed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:35 GMT
strict-transport-security: max-age=31536000
via: 1.1 spaces-router (devel)
cf-cache-status: DYNAMIC
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: base-uri 'self'
cross-origin-embedder-policy: unsafe-none
x-permitted-cross-domain-policies: none
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: https://www.familiesrenewed.org
cache-control: max-age=60, public
access-control-allow-credentials: true
permissions-policy: accelerometer=(self), autoplay=*, camera=(self), cross-origin-isolated=(self), display-capture=(self), encrypted-media=(self), fullscreen=*, geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self "https://js.stripe.com" "https://pay.google.com"), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), xr-spatial-tracking=(self)
cf-ray: 828355246e7aa87c-SYD

GET
H2 200 www-player.css
www.youtube.com/s/player/190c935f/ Frame 87F1 378 KB
48 KB 5ms
3ms Stylesheet
text/css 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/190c935f/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/pCsj18VgIpc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

sffe /

Resource Hash

f27def9acb53f27287b73f15b98b424b2227894d98f2a0c238f3e5e3b2843af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/pCsj18VgIpc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:47:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48795
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 02:47:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 14 Nov 2024 21:47:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 87F1 15 KB
16 KB 401ms
1ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/pCsj18VgIpc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:11:39 GMT
x-content-type-options: nosniff
age: 87716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 21:11:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 87F1 15 KB
15 KB 402ms
2ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/pCsj18VgIpc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:56 GMT
x-content-type-options: nosniff
age: 166599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 23:16:56 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/190c935f/player_ias.vflset/en_GB/ Frame 87F1 56 KB
17 KB 4ms
2ms Script
text/javascript 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/190c935f/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/pCsj18VgIpc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

sffe /

Resource Hash

289b6d28797a9c72eec66e02a15f4100d1c3c5c7500f936ad73921bcc24eba75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/pCsj18VgIpc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151550
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17782
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 02:47:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 16 Nov 2024 03:27:45 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/190c935f/www-embed-player.vflset/ Frame 87F1 322 KB
96 KB 5ms
4ms Script
text/javascript 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/190c935f/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/pCsj18VgIpc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

sffe /

Resource Hash

5b794c3bb91599f949ed26b4cd85a2a068629b8770aee5be43d6d352f676e13e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/pCsj18VgIpc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:27:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151564
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98594
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 02:47:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 16 Nov 2024 03:27:31 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/190c935f/player_ias.vflset/en_GB/ Frame 87F1 2 MB
762 KB 6ms
5ms Script
text/javascript 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/190c935f/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/pCsj18VgIpc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

sffe /

Resource Hash

ba4ec7991756e49562aa036ee42a8c985404342f653c1b43a25554acca54ab99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/pCsj18VgIpc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 780086
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 02:47:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 16 Nov 2024 03:30:46 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 87F1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

97ms
96ms

XHR
application/json

172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/pCsj18VgIpc

Protocol

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d7f70cd0990e3f833ea7ff40bd4872794bb0c987b03534f2ac3f229b9fd07f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 18 Nov 2023 21:33:35 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 87F1 29 B
495 B 402ms
2ms Script
text/javascript 172.217.24.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f38.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:22:16 GMT
x-content-type-options: nosniff
age: 679
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 21:37:16 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 496ms
96ms Preflight
text/html 172.217.24.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 18 Nov 2023 21:33:35 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 87F1 70 KB
32 KB 111ms
111ms XHR
application/json+protobuf 172.217.24.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f10.1e100.net

Software

ESF /

Resource Hash

9683d7fa089ef1eb3e345c52bcc7fdb589e7b85c1c361e7b8b59b8a59fe97682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 18 Nov 2023 21:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32732
x-xss-protection: 0

GET
H2 200 remote.js Show response
www.youtube.com/s/player/190c935f/player_ias.vflset/en_GB/ Frame 87F1 116 KB
33 KB 3ms
3ms Script
text/javascript 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/190c935f/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

sffe /

Resource Hash

2993cfa266b468afaae6c45bed4afd550152ab24f445fb97da01f26dada9f313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/pCsj18VgIpc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:27:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33487
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 02:47:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 16 Nov 2024 03:27:19 GMT

GET
H2 200 Cz7e-VR341EnRw5g1wAl9brpVe2wOP5KsPJPm-1eumg.js Show response
www.google.com/js/th/ Frame 87F1 38 KB
15 KB 402ms
3ms Script
text/javascript 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/Cz7e-VR341EnRw5g1wAl9brpVe2wOP5KsPJPm-1eumg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

sffe /

Resource Hash

0b3edef95477e35127470e60d70025f5bae955edb038fe4ab0f24f9bed5eba68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15072
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Nov 2024 15:28:06 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/pCsj18VgIpc/ Frame 87F1 34 KB
35 KB 584ms
178ms Image
image/jpeg 172.217.24.54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/pCsj18VgIpc/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/pCsj18VgIpc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.54 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f22.1e100.net

Software

sffe /

Resource Hash

de561ce7f7edfd27038f5eb5980613a5ffb56982b5aefc63977475454789517c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:35 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35257
x-xss-protection: 0
server: sffe
etag: "1621605944"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Nov 2023 23:33:35 GMT

GET
DATA 200
OK truncated
/ Frame 87F1 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 APkrFKYgN_tqpgHtSgRmicONhsYjpsHU501ZW69V_1yGB4A=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 87F1 3 KB
3 KB 504ms
3ms Image
image/jpeg 172.217.167.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKYgN_tqpgHtSgRmicONhsYjpsHU501ZW69V_1yGB4A=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/pCsj18VgIpc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f1.1e100.net

Software

fife /

Resource Hash

aac97cc6c740493a54107e3fbcfdcc31f9ef2f4b797d6a71564fcaf36762a98b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:07:00 GMT
x-content-type-options: nosniff
age: 5195
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2814
x-xss-protection: 0
server: fife
etag: "v1b130"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 19 Nov 2023 20:07:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 87F1 4 KB
2 KB 495ms
95ms Script
text/javascript 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 21:33:35 GMT

GET
H2 200 B58O4O Show response
givebutter.com/embed/c/ Frame DFEA 42 KB
15 KB 702ms
393ms Document
text/html 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Requested by

Host: widgets.givebutter.com
URL: https://widgets.givebutter.com/latest.umd.cjs?acct=CusXGBLfsIZDzWXG&p=other

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f9dd3d5e814621ae9bdea990433eedccb4d0d81e190d7027b2c4cf4831169ef

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	*
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.familiesrenewed.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8283552b2e64a93d-SYD
content-encoding: gzip
content-security-policy: base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 21:33:36 GMT
permissions-policy: accelerometer=(self), autoplay=*, camera=(self), cross-origin-isolated=(self), display-capture=(self), encrypted-media=(self), fullscreen=*, geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self "https://js.stripe.com" "https://pay.google.com"), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), xr-spatial-tracking=(self)
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff nosniff
x-download-options: noopen
x-frame-options: *
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 200 Givebutter_H_Text.svg
givebutter.com/assets/brand/givebutter/Powered/ 15 KB
6 KB 332ms
22ms Image
image/svg+xml 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givebutter.com/assets/brand/givebutter/Powered/Givebutter_H_Text.svg

Requested by

Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87b010edc18752647dcd8749bfe9abea7cb1eaf4f3ea4de0898b3ed325b1ed08

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.familiesrenewed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:35 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 16 Nov 2023 03:57:01 GMT
server: cloudflare
age: 2644
etag: W/"6555930d-3cb3"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: gzip
cf-ray: 8283552b2e67a93d-SYD

GET
H2 200 B58O4O Show response
givebutter.com/embed/c/ Frame FC25 42 KB
16 KB 675ms
377ms Document
text/html 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Requested by

Host: widgets.givebutter.com
URL: https://widgets.givebutter.com/latest.umd.cjs?acct=CusXGBLfsIZDzWXG&p=other

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8636c343d9a05d8d327042b20a0b57664e80f8a2288b814b146fbad652a700c0

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	*
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.familiesrenewed.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8283552b2e66a93d-SYD
content-encoding: gzip
content-security-policy: base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 21:33:36 GMT
permissions-policy: accelerometer=(self), autoplay=*, camera=(self), cross-origin-isolated=(self), display-capture=(self), encrypted-media=(self), fullscreen=*, geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self "https://js.stripe.com" "https://pay.google.com"), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), xr-spatial-tracking=(self)
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff nosniff
x-download-options: noopen
x-frame-options: *
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 204 generate_204
www.youtube.com/ Frame 87F1 0
40 B 3ms
2ms Image
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?RPbcGA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/pCsj18VgIpc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: hkg07s23-in-f46.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/pCsj18VgIpc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/119/ Frame 87F1 50 KB
15 KB 3ms
2ms Script
text/javascript 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/119/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 18 Nov 2023 23:57:44 GMT

OPTIONS
H2 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 99ms
99ms Preflight
text/html 172.217.24.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 18 Nov 2023 21:33:35 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 87F1 90 B
181 B 102ms
101ms XHR
application/json+protobuf 172.217.24.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f10.1e100.net

Software

ESF /

Resource Hash

66d31ddb6a194fe867ca32b181c90c861e4c921d456381c068eb2005301548ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 18 Nov 2023 21:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame FC25 173 KB
64 KB 522ms
114ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-75318216-1

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f40.1e100.net

Software

Google Tag Manager /

Resource Hash

193d49024398a5a65bee77922749cd4c60c57cff2f521c67c9ae532b121eeb8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64651
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Nov 2023 21:33:36 GMT

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/9914b343/ Frame FC25
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback&render=explicit
https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback&render=explicit

33 KB
11 KB

27ms
22ms

Script
application/javascript

104.17.3.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback&render=explicit
Requested by: Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Protocol: H2
Server: 104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:36 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8283552fda295741-SYD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 18 Nov 2023 21:33:36 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback&render=explicit
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8283552fba095741-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.6bbd0b1afd94cd0178f736c11b9e0725.css
givebuttercdn.com/apps/prod/css/ Frame FC25 53 KB
53 KB 372ms
21ms Stylesheet
text/plain 172.67.72.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://givebuttercdn.com/apps/prod/css/main.6bbd0b1afd94cd0178f736c11b9e0725.css
Requested by: Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba5a778857722aae0f0d4482389b5fb50cfcf042b2241962dc33f2f9d902730d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:36 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 06:17:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4226
etag: "6bbd0b1afd94cd0178f736c11b9e0725"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOjw4nHtQbZjlvV8l2i6LUDOp0XaxXnHyTIC9WX3ytRvJIwb3YWMFhVhtpwZdU%2Fmo7pZ4FWaYCMAS1ia0ojcWRCODpNtndk%2FHFvOUFWHkx%2FEv8nI9B50eMaPiIG4rSKCnbgR"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8283552feaa3a838-SYD
content-length: 54352

GET
H2 200 form-v2.ed956df507db1c3b2d5497d74ffbe716.css
givebuttercdn.com/apps/prod/css/campaign/ Frame FC25 7 KB
8 KB 372ms
22ms Stylesheet
text/plain 172.67.72.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://givebuttercdn.com/apps/prod/css/campaign/form-v2.ed956df507db1c3b2d5497d74ffbe716.css
Requested by: Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5344d027c0a063d9e65f7518075f5718f73c9b66e877967d7cbabe4c5210c53

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:36 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 06:17:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4226
etag: "015d8e121f29fda599a6a7ee2f70d162"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nHXTYjpgAP69xA2VKEJs3I2YH57n3T%2FWtuThV3GvGUE62nPPKpKYHnbOed0wn6xIetChbIX2M9m5WiHe%2FTQMXe5cOKqGLuF%2BmR87J7NOZfhUI7ypHywMjyf8VvztmDcFG%2F0"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8283552feaa0a838-SYD
content-length: 7451

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame FC25 194 KB
65 KB 616ms
243ms Script
text/javascript 142.250.66.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyA-HrsGwQ0MW-YRyd-jp_YqJ0RmuY5LLqs&libraries=places&callback=Function.prototype

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.234 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

bd7943e33f3ca4d91a23122127b876c876a15692241d7cba58a46cc2e41c52a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66401
x-xss-protection: 0

GET
H2 200 c37fafd8d9.js Show response
kit.fontawesome.com/ Frame FC25 14 KB
5 KB 1135ms
833ms Script
text/javascript 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/c37fafd8d9.js
Requested by: Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bc8ca798f8da8b10da63c252adf20f2bdcd04fb433a92ba8b82b7d71fad0579

Request headers

Referer: https://givebutter.com/
Origin: https://givebutter.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 828355324edc5d20-SYD
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F5V0lEDrGOaW6_oZq7fh

GET
H2 200 latest.js Show response
js.givebutter.com/elements/ Frame FC25 192 KB
53 KB 652ms
281ms Script
text/javascript 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.givebutter.com/elements/latest.js
Requested by: Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb128d11873821d66616bc81a3229f7b664483472e52213dc15e39e5716d6dcc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 20:29:40 GMT
server: cloudflare
x-amz-request-id: KJC98SZS8NJ2RE2D
etag: W/"333ffe903e9eccafc61523aea47190a9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=60
cf-ray: 82835532ad6aaaea-SYD
x-amz-id-2: wNikt3RRd1yRlwkZzNZMpX8C0DVs4qTyC3Bi7ebBeGJer0jNiVdW5Wq8XcEcJy4F58ULgW507Jk=

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame FC25 3 KB
2 KB 286ms
3ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

59574b6feb0fe85e713c0cf419da15c7e2657ad1bd43fe59a19d4e411930a2a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://givebutter.com/
Origin: https://givebutter.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 21:33:36 GMT
content-md5: PQX0QWXT8b7xP8KA9ZmDPg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints
x-fb-debug: Dl9Kqwia7MzHRtzbaqZ0YKC/GXn7ZdwIsKoyvAk7QYtDQ2snId5r+EXuv/Nt41NvMEWs1VIUjR/5lkGADSc1/g==
x-fb-content-md5: 335b6385c4d806b2b6ff668b0bc8ffe1
cross-origin-opener-policy: same-origin-allow-popups
etag: "a57cf4b12bca8317b0b2638dc144e560"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 18 Nov 2023 21:43:53 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ Frame FC25 556 KB
137 KB 79ms
10ms Script
text/javascript 18.67.111.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.111.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-111-45.syd62.r.cloudfront.net

Software

Cloudfront /

Resource Hash

90deaa6ce62764135079beba976e8df57220a817e759914adf09626153f38c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:32:54 GMT
content-encoding: br
via: 1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 45
x-amz-cf-pop: SYD62-P2
x-cache: Hit from cloudfront
last-modified: Fri, 17 Nov 2023 21:38:13 GMT
server: Cloudfront
etag: W/"b2cc65458b2c4ec73e91a4fb930e6217"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: fhXJ0ITnLE5KR3sLnwuCQGl2GqD1D9HTGh1wxv9JFq_LFJJDYN1ijQ==

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame FC25 143 KB
43 KB 638ms
344ms Script
application/javascript 18.154.144.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.144.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-144-16.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3d33e0145fee1f52a554d1a03d837bea8763d310269c95ed3025a23c64e9231

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 00:35:00 GMT
x-amz-version-id: mNwhjfgOMPUuxrCMGmnw6xDdZHaNL5kA
content-encoding: gzip
via: 1.1 9144b470896e1a027238001cfba88128.cloudfront.net (CloudFront)
x-amz-request-id: TGC2K2H370JRRWCM
x-amz-cf-pop: LAX50-P4
x-amz-server-side-encryption: AES256
age: 75516
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: eMiVsKqYhLGM/DWaQmWbNQMtzOdn04Cy8SEs2TZsbXtKwbMsDZOo5S4+/eRNAY2/11Z8UqBu7Br62sSNEzGLOcK5b2g2D7DbJCxu2pdM16M=
last-modified: Sat, 18 Nov 2023 00:19:36 GMT
server: AmazonS3
etag: W/"23cf8eca4806426495e90d42a6e5b00f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: Yp8pBiCrjCdKB9Ncpm9fjmGwlJBYoUL8BZsSzF714-ayCRYcE3Om8A==

GET
H2 200 client.min.js Show response
js.braintreegateway.com/web/3.97.1/js/ Frame FC25 38 KB
12 KB 20ms
5ms Script
application/javascript 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.97.1/js/client.min.js

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nwa/E794) /

Resource Hash

33c230f2f903e3c9ec49f5f7aeab8a8f9e92eefbc261d7f9b591021fa2bad3ab

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: gzip
date: Sat, 18 Nov 2023 21:33:36 GMT
last-modified: Wed, 15 Nov 2023 16:31:47 GMT
server: ECAcc (nwa/E794)
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: "6554f273-96ca+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 11742
expires: Sun, 19 Nov 2023 21:33:36 GMT

GET
H2 200 paypal-checkout.min.js Show response
js.braintreegateway.com/web/3.97.1/js/ Frame FC25 58 KB
16 KB 18ms
4ms Script
application/javascript 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.97.1/js/paypal-checkout.min.js

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nwa/E7B0) /

Resource Hash

7a5c4be4409d1aa1ed05629eb7a650608e5dc8e873010f527d778c690a031649

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: gzip
date: Sat, 18 Nov 2023 21:33:36 GMT
last-modified: Wed, 15 Nov 2023 16:31:58 GMT
server: ECAcc (nwa/E7B0)
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: "6554f27e-e8f6+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15869
expires: Sun, 19 Nov 2023 21:33:36 GMT

GET
H2 200 venmo.min.js Show response
js.braintreegateway.com/web/3.97.1/js/ Frame FC25 83 KB
22 KB 20ms
7ms Script
application/javascript 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.97.1/js/venmo.min.js

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nwa/E794) /

Resource Hash

294829932b49d76ccd202ebed502a16427e00ea0911f7d26de8b5e02739877f0

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: gzip
date: Sat, 18 Nov 2023 21:33:36 GMT
last-modified: Wed, 15 Nov 2023 16:31:44 GMT
server: ECAcc (nwa/E794)
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: "6554f270-14d02+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 22210
expires: Sun, 19 Nov 2023 21:33:36 GMT

GET
H2 200 data-collector.min.js Show response
js.braintreegateway.com/web/3.97.1/js/ Frame FC25 29 KB
10 KB 19ms
6ms Script
application/javascript 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.97.1/js/data-collector.min.js

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nwa/E7CC) /

Resource Hash

e804435687ed72000c8c1c72a6e637cfa3730077592c6025fa4c00968aca860b

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: gzip
date: Sat, 18 Nov 2023 21:33:36 GMT
last-modified: Wed, 15 Nov 2023 16:31:44 GMT
server: ECAcc (nwa/E7CC)
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: "6554f270-753f+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10264
expires: Sun, 19 Nov 2023 21:33:36 GMT

GET
H2 200 embed.120a4ef2e23aa574790c726b00d82b1e.js Show response
givebuttercdn.com/apps/prod/js/campaign/layouts/ Frame FC25 2 MB
2 MB 366ms
20ms Script
text/plain 172.67.72.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://givebuttercdn.com/apps/prod/js/campaign/layouts/embed.120a4ef2e23aa574790c726b00d82b1e.js
Requested by: Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e84c7947cd05d2b07031112cd7e19a8c2902422cd2f1283acca4f2c21bafdaf5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:36 GMT
cf-cache-status: HIT
last-modified: Sun, 12 Nov 2023 16:53:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4226
etag: "120a4ef2e23aa574790c726b00d82b1e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcbhCcdzCmHvQQdFgp7VqQRfKsK099PpG7WgX0%2BkDZyPuPn%2B7SW7Lfka%2BFRupeJsr0qONu278oze2hqkWpH15RNtT6ehv1J2EA5v7gd7Q4EGL%2BPntZ6lgMcr1CfwyRXCFY5X"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8283552feaa5a838-SYD
content-length: 2025135

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame FC25 20 KB
7 KB 312ms
31ms Script
text/javascript 104.16.56.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.56.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://givebutter.com/
Origin: https://givebutter.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 828355322c39571b-SYD

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame DFEA 173 KB
63 KB 605ms
216ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-75318216-1

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f40.1e100.net

Software

Google Tag Manager /

Resource Hash

1a4ff90c6c571be1b559e58b68b98540b3ac83b1d2bd7142edec261857c06ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64653
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Nov 2023 21:33:36 GMT

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/9914b343/ Frame DFEA
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback&render=explicit
https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback&render=explicit

33 KB
11 KB

23ms
21ms

Script
application/javascript

104.17.3.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback&render=explicit
Requested by: Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Protocol: H2
Server: 104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:36 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8283552fda2a5741-SYD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 18 Nov 2023 21:33:36 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback&render=explicit
cache-control: max-age=300, public
cf-ray: 8283552fba0c5741-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.6bbd0b1afd94cd0178f736c11b9e0725.css
givebuttercdn.com/apps/prod/css/ Frame DFEA 53 KB
53 KB 351ms
19ms Stylesheet
text/plain 172.67.72.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://givebuttercdn.com/apps/prod/css/main.6bbd0b1afd94cd0178f736c11b9e0725.css
Requested by: Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba5a778857722aae0f0d4482389b5fb50cfcf042b2241962dc33f2f9d902730d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:36 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 06:17:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4226
etag: "6bbd0b1afd94cd0178f736c11b9e0725"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QROiwdmUl5eNDV1fDLpkYd6YhY683aRaISUOBq0V7DY8%2BCUU3Je4KwgSnFht0h7730ZzySHgYhu%2FPvUDBABAkfbD6XLas2wvrx0lJMOksakEolhkBcCVZd2uJoM6dvXwwWr"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8283552fea9da838-SYD
content-length: 54352

GET
H2 200 form-v2.ed956df507db1c3b2d5497d74ffbe716.css
givebuttercdn.com/apps/prod/css/campaign/ Frame DFEA 7 KB
8 KB 354ms
22ms Stylesheet
text/plain 172.67.72.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://givebuttercdn.com/apps/prod/css/campaign/form-v2.ed956df507db1c3b2d5497d74ffbe716.css
Requested by: Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5344d027c0a063d9e65f7518075f5718f73c9b66e877967d7cbabe4c5210c53

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:36 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 06:17:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4226
etag: "015d8e121f29fda599a6a7ee2f70d162"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saKNVVY04S6TLisQvjkM3yZccCygz%2FKNFuH5Enf9rZfpP4Y09NRy1EPH0a0nIAF1DoxvZPsloOIrYoQt5Hu7Z8mnR5UmgvfYSgmqHeHsXwsgjifJnaD2JS4OgSah6kbcdg6F"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8283552feaa1a838-SYD
content-length: 7451

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame DFEA 194 KB
65 KB 519ms
118ms Script
text/javascript 142.250.66.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyA-HrsGwQ0MW-YRyd-jp_YqJ0RmuY5LLqs&libraries=places&callback=Function.prototype

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.234 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

bd7943e33f3ca4d91a23122127b876c876a15692241d7cba58a46cc2e41c52a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66401
x-xss-protection: 0

GET
H2 200 c37fafd8d9.js Show response
kit.fontawesome.com/ Frame DFEA 14 KB
5 KB 550ms
220ms Script
text/javascript 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/c37fafd8d9.js
Requested by: Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bc8ca798f8da8b10da63c252adf20f2bdcd04fb433a92ba8b82b7d71fad0579

Request headers

Referer: https://givebutter.com/
Origin: https://givebutter.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 828355324edb5d20-SYD
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F5V0lEDrGOaW6_oZq7fh

GET
H2 200 latest.js Show response
js.givebutter.com/elements/ Frame DFEA 192 KB
53 KB 675ms
276ms Script
text/javascript 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.givebutter.com/elements/latest.js
Requested by: Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb128d11873821d66616bc81a3229f7b664483472e52213dc15e39e5716d6dcc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 20:29:40 GMT
server: cloudflare
x-amz-request-id: KJC98SZS8NJ2RE2D
etag: W/"333ffe903e9eccafc61523aea47190a9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=60
cf-ray: 82835532ad69aaea-SYD
x-amz-id-2: wNikt3RRd1yRlwkZzNZMpX8C0DVs4qTyC3Bi7ebBeGJer0jNiVdW5Wq8XcEcJy4F58ULgW507Jk=

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame DFEA 3 KB
2 KB 313ms
3ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

59574b6feb0fe85e713c0cf419da15c7e2657ad1bd43fe59a19d4e411930a2a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://givebutter.com/
Origin: https://givebutter.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 21:33:36 GMT
content-md5: PQX0QWXT8b7xP8KA9ZmDPg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints
x-fb-debug: Dl9Kqwia7MzHRtzbaqZ0YKC/GXn7ZdwIsKoyvAk7QYtDQ2snId5r+EXuv/Nt41NvMEWs1VIUjR/5lkGADSc1/g==
x-fb-content-md5: 335b6385c4d806b2b6ff668b0bc8ffe1
cross-origin-opener-policy: same-origin-allow-popups
etag: "a57cf4b12bca8317b0b2638dc144e560"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 18 Nov 2023 21:43:53 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ Frame DFEA 556 KB
137 KB 75ms
24ms Script
text/javascript 18.67.111.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.111.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-111-45.syd62.r.cloudfront.net

Software

Cloudfront /

Resource Hash

90deaa6ce62764135079beba976e8df57220a817e759914adf09626153f38c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:32:54 GMT
content-encoding: br
via: 1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 45
x-amz-cf-pop: SYD62-P2
x-cache: Hit from cloudfront
last-modified: Fri, 17 Nov 2023 21:38:13 GMT
server: Cloudfront
etag: W/"b2cc65458b2c4ec73e91a4fb930e6217"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: vcgvODu7C2RKoSwVK3p3r-sd8kdMDhLZbhJG9MF2uGpjepOyTpuvUQ==

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame DFEA 143 KB
43 KB 479ms
203ms Script
application/javascript 18.154.144.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.144.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-144-16.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3d33e0145fee1f52a554d1a03d837bea8763d310269c95ed3025a23c64e9231

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 00:35:00 GMT
x-amz-version-id: mNwhjfgOMPUuxrCMGmnw6xDdZHaNL5kA
content-encoding: gzip
via: 1.1 9144b470896e1a027238001cfba88128.cloudfront.net (CloudFront)
x-amz-request-id: TGC2K2H370JRRWCM
x-amz-cf-pop: LAX50-P4
x-amz-server-side-encryption: AES256
age: 75516
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: eMiVsKqYhLGM/DWaQmWbNQMtzOdn04Cy8SEs2TZsbXtKwbMsDZOo5S4+/eRNAY2/11Z8UqBu7Br62sSNEzGLOcK5b2g2D7DbJCxu2pdM16M=
last-modified: Sat, 18 Nov 2023 00:19:36 GMT
server: AmazonS3
etag: W/"23cf8eca4806426495e90d42a6e5b00f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: 6-MTqPQa13Fh3Jz2Xe-SXL3C6UN6-DzGXfJeph7ueNNM1aO6B8f-PA==

GET
H2 200 client.min.js Show response
js.braintreegateway.com/web/3.97.1/js/ Frame DFEA 38 KB
12 KB 8ms
2ms Script
application/javascript 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.97.1/js/client.min.js

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nwa/E794) /

Resource Hash

33c230f2f903e3c9ec49f5f7aeab8a8f9e92eefbc261d7f9b591021fa2bad3ab

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: gzip
date: Sat, 18 Nov 2023 21:33:36 GMT
last-modified: Wed, 15 Nov 2023 16:31:47 GMT
server: ECAcc (nwa/E794)
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: "6554f273-96ca+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 11742
expires: Sun, 19 Nov 2023 21:33:36 GMT

GET
H2 200 paypal-checkout.min.js Show response
js.braintreegateway.com/web/3.97.1/js/ Frame DFEA 58 KB
16 KB 10ms
4ms Script
application/javascript 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.97.1/js/paypal-checkout.min.js

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nwa/E7B0) /

Resource Hash

7a5c4be4409d1aa1ed05629eb7a650608e5dc8e873010f527d778c690a031649

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: gzip
date: Sat, 18 Nov 2023 21:33:36 GMT
last-modified: Wed, 15 Nov 2023 16:31:58 GMT
server: ECAcc (nwa/E7B0)
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: "6554f27e-e8f6+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15869
expires: Sun, 19 Nov 2023 21:33:36 GMT

GET
H2 200 venmo.min.js Show response
js.braintreegateway.com/web/3.97.1/js/ Frame DFEA 83 KB
22 KB 9ms
3ms Script
application/javascript 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.97.1/js/venmo.min.js

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nwa/E794) /

Resource Hash

294829932b49d76ccd202ebed502a16427e00ea0911f7d26de8b5e02739877f0

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: gzip
date: Sat, 18 Nov 2023 21:33:36 GMT
last-modified: Wed, 15 Nov 2023 16:31:44 GMT
server: ECAcc (nwa/E794)
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: "6554f270-14d02+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 22210
expires: Sun, 19 Nov 2023 21:33:36 GMT

GET
H2 200 data-collector.min.js Show response
js.braintreegateway.com/web/3.97.1/js/ Frame DFEA 29 KB
10 KB 9ms
4ms Script
application/javascript 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.97.1/js/data-collector.min.js

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nwa/E7CC) /

Resource Hash

e804435687ed72000c8c1c72a6e637cfa3730077592c6025fa4c00968aca860b

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: gzip
date: Sat, 18 Nov 2023 21:33:36 GMT
last-modified: Wed, 15 Nov 2023 16:31:44 GMT
server: ECAcc (nwa/E7CC)
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: "6554f270-753f+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10264
expires: Sun, 19 Nov 2023 21:33:36 GMT

GET
H2 200 embed.120a4ef2e23aa574790c726b00d82b1e.js Show response
givebuttercdn.com/apps/prod/js/campaign/layouts/ Frame DFEA 2 MB
2 MB 344ms
14ms Script
text/plain 172.67.72.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://givebuttercdn.com/apps/prod/js/campaign/layouts/embed.120a4ef2e23aa574790c726b00d82b1e.js
Requested by: Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e84c7947cd05d2b07031112cd7e19a8c2902422cd2f1283acca4f2c21bafdaf5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:36 GMT
cf-cache-status: HIT
last-modified: Sun, 12 Nov 2023 16:53:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4226
etag: "120a4ef2e23aa574790c726b00d82b1e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QaLTCjQzVQLZ0M6brAgE8lsDDmr7SKosmbJuhIGsndRZGGQY4CXi5JVGECLKJyOeYiVbwHRjCPtY%2BAEuFzG%2Bj37nKo7v82uiCtkQNMvzUaKTl0%2Fr8xoc6yiR9ksxAO1UJSs"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8283552feaa4a838-SYD
content-length: 2025135

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame DFEA 20 KB
7 KB 339ms
30ms Script
text/javascript 104.16.56.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.56.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://givebutter.com/
Origin: https://givebutter.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 828355321c37571b-SYD

GET
H2 200 Donate%20-%20Heart%20Anim.json Show response
givebutter.com/storage/assets/flow/animation/ Frame DFEA 110 KB
5 KB 236ms
235ms XHR
application/json 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givebutter.com/storage/assets/flow/animation/Donate%20-%20Heart%20Anim.json

Requested by

Host: givebuttercdn.com
URL: https://givebuttercdn.com/apps/prod/js/campaign/layouts/embed.120a4ef2e23aa574790c726b00d82b1e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a02f78e600e8272c473819f97a46a1c070f8ceeddaf29ac5655e371375e9456a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 17 Nov 2023 17:36:31 GMT
server: cloudflare
content-encoding: gzip
etag: W/"6557a49f-1b8b4"
vary: Accept-Encoding
content-type: application/json
cf-ray: 828355322bcfa93d-SYD

GET
H2 200 Donate%20-%20Seal.json Show response
givebutter.com/storage/assets/flow/animation/ Frame DFEA 63 KB
3 KB 243ms
242ms XHR
application/json 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givebutter.com/storage/assets/flow/animation/Donate%20-%20Seal.json

Requested by

Host: givebuttercdn.com
URL: https://givebuttercdn.com/apps/prod/js/campaign/layouts/embed.120a4ef2e23aa574790c726b00d82b1e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e554bc156b6e3a3d05525af219824241f504293f0300b40d8ca1385bbaf2b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 17 Nov 2023 17:36:31 GMT
server: cloudflare
content-encoding: gzip
etag: W/"6557a49f-fbf0"
vary: Accept-Encoding
content-type: application/json
cf-ray: 828355322bd0a93d-SYD

GET
DATA 200
OK truncated
/ Frame DFEA 215 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H2 200 Love%20Filled.svg
givebutter.com/storage/assets/flow/icons/24/ Frame DFEA 659 B
564 B 22ms
21ms Image
image/svg+xml 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givebutter.com/storage/assets/flow/icons/24/Love%20Filled.svg

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15eca989381d4b9c996b23992775d3c24307d08baacc5ce34dc3ea33f68cb7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 17 Nov 2023 17:36:31 GMT
server: cloudflare
age: 1726
etag: W/"6557a49f-293"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: gzip
cf-ray: 828355322bd1a93d-SYD

GET
H2 200 Close.svg
givebutter.com/storage/assets/flow/icons/24/ Frame DFEA 712 B
464 B 23ms
23ms Image
image/svg+xml 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givebutter.com/storage/assets/flow/icons/24/Close.svg

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c335c755c00ed454696156d615d61698f378029b73ca457936246f90c86163bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 17 Nov 2023 17:36:31 GMT
server: cloudflare
age: 2979
etag: W/"6557a49f-2c8"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: gzip
cf-ray: 828355322bd2a93d-SYD

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame FC25 52 KB
21 KB 5ms
3ms Script
text/javascript 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-75318216-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 19:52:35 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6062
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 18 Nov 2023 21:52:35 GMT

GET
DATA 200
OK truncated
/ Frame FC25 215 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H2 200 Love%20Filled.svg
givebutter.com/storage/assets/flow/icons/24/ Frame FC25 659 B
434 B 21ms
20ms Image
image/svg+xml 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givebutter.com/storage/assets/flow/icons/24/Love%20Filled.svg

Requested by

Host: givebuttercdn.com
URL: https://givebuttercdn.com/apps/prod/js/campaign/layouts/embed.120a4ef2e23aa574790c726b00d82b1e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15eca989381d4b9c996b23992775d3c24307d08baacc5ce34dc3ea33f68cb7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 17 Nov 2023 17:36:31 GMT
server: cloudflare
age: 1727
etag: W/"6557a49f-293"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: gzip
cf-ray: 82835532bc45a93d-SYD

GET
H2 200 Close.svg
givebutter.com/storage/assets/flow/icons/24/ Frame FC25 712 B
437 B 19ms
19ms Image
image/svg+xml 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givebutter.com/storage/assets/flow/icons/24/Close.svg

Requested by

Host: givebuttercdn.com
URL: https://givebuttercdn.com/apps/prod/js/campaign/layouts/embed.120a4ef2e23aa574790c726b00d82b1e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c335c755c00ed454696156d615d61698f378029b73ca457936246f90c86163bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 17 Nov 2023 17:36:31 GMT
server: cloudflare
age: 2979
etag: W/"6557a49f-2c8"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: gzip
cf-ray: 82835532bc47a93d-SYD

GET
H2 200 Donate%20-%20Heart%20Anim.json Show response
givebutter.com/storage/assets/flow/animation/ Frame FC25 110 KB
5 KB 655ms
654ms XHR
application/json 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givebutter.com/storage/assets/flow/animation/Donate%20-%20Heart%20Anim.json

Requested by

Host: givebuttercdn.com
URL: https://givebuttercdn.com/apps/prod/js/campaign/layouts/embed.120a4ef2e23aa574790c726b00d82b1e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a02f78e600e8272c473819f97a46a1c070f8ceeddaf29ac5655e371375e9456a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 17 Nov 2023 17:36:31 GMT
server: cloudflare
content-encoding: gzip
etag: W/"6557a49f-1b8b4"
vary: Accept-Encoding
content-type: application/json
cf-ray: 82835532cc48a93d-SYD

GET
H2 200 Donate%20-%20Seal.json Show response
givebutter.com/storage/assets/flow/animation/ Frame FC25 63 KB
3 KB 683ms
683ms XHR
application/json 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givebutter.com/storage/assets/flow/animation/Donate%20-%20Seal.json

Requested by

Host: givebuttercdn.com
URL: https://givebuttercdn.com/apps/prod/js/campaign/layouts/embed.120a4ef2e23aa574790c726b00d82b1e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e554bc156b6e3a3d05525af219824241f504293f0300b40d8ca1385bbaf2b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 17 Nov 2023 17:36:31 GMT
server: cloudflare
content-encoding: gzip
etag: W/"6557a49f-fbf0"
vary: Accept-Encoding
content-type: application/json
cf-ray: 82835532cc4aa93d-SYD

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame DFEA 297 KB
85 KB 3ms
3ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d07fe581ed16759174057c63b573fc93

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

cd32610b8982b3dfe1b2fca5c195d8f7d7d7a22da1e723f5d1a2003a23e1d653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://givebutter.com/
Origin: https://givebutter.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 21:33:37 GMT
content-md5: 4Zl2ZKn+LWcbdto3BErTxQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86881
reporting-endpoints
x-fb-debug: bYnTUMlMBg4KQk5527iH6C1ErYgcnICfYDVd6yiWbu8EBxH8247YKbrGeiF8/L2QUVWmDshxHR4usPYLWCLABw==
x-fb-content-md5: 06c8c60e2a5205105cb64329ab8054ae
cross-origin-opener-policy: same-origin-allow-popups
etag: "b1fc259a957575b57fd270ff9ca60616"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 17 Nov 2024 20:16:46 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame FC25 297 KB
85 KB 7ms
6ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d07fe581ed16759174057c63b573fc93

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

cd32610b8982b3dfe1b2fca5c195d8f7d7d7a22da1e723f5d1a2003a23e1d653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://givebutter.com/
Origin: https://givebutter.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 21:33:37 GMT
content-md5: 4Zl2ZKn+LWcbdto3BErTxQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86881
reporting-endpoints
x-fb-debug: bYnTUMlMBg4KQk5527iH6C1ErYgcnICfYDVd6yiWbu8EBxH8247YKbrGeiF8/L2QUVWmDshxHR4usPYLWCLABw==
x-fb-content-md5: 06c8c60e2a5205105cb64329ab8054ae
cross-origin-opener-policy: same-origin-allow-popups
etag: "b1fc259a957575b57fd270ff9ca60616"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 17 Nov 2024 20:16:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame DFEA 52 KB
21 KB 3ms
2ms Script
text/javascript 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-75318216-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 19:52:35 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6062
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 18 Nov 2023 21:52:35 GMT

GET
H2 200 pro-v4-shims.min.js Show response
ka-p.fontawesome.com/releases/v6.4.2/js/ Frame DFEA 27 KB
8 KB 15ms
10ms Fetch
application/javascript 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/js/pro-v4-shims.min.js?token=c37fafd8d9
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c37fafd8d9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2754224dc73acdb57aea115599ad71096451a80d5014361febdcf0304b6abb23

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:07:59 GMT
server: cloudflare
age: 1452514
etag: "64c9580f-1ddc"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 82835533a82a5d20-SYD
content-length: 7644

GET
H2 200 pro.min.js Show response
ka-p.fontawesome.com/releases/v6.4.2/js/ Frame DFEA 60 KB
17 KB 15ms
11ms Fetch
application/javascript 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/js/pro.min.js?token=c37fafd8d9
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c37fafd8d9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7acd8e348e369e1829d3d5766b4bb1857d9b0b2c54e608679c1fd86d228e90f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:07:59 GMT
server: cloudflare
age: 176098
etag: "64c9580f-4555"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 82835533a8285d20-SYD
content-length: 17749

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame DD87 200 B
1 KB 5ms
4ms Document
text/html 18.67.111.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.111.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-111-45.syd62.r.cloudfront.net

Software

Cloudfront /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givebutter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1124
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 18 Nov 2023 21:14:54 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Mon, 13 Nov 2023 21:03:31 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
x-amz-cf-id: DGeJjDUH3KZO5HoYKJbZ415sOsbFZV5PL_l5gdVtwkH_2gInhMQJow==
x-amz-cf-pop: SYD62-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DD87 631 B
1 KB 5ms
4ms Script
text/javascript 18.67.111.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.111.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-111-45.syd62.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:14:58 GMT
via: 1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 1122
x-amz-cf-pop: SYD62-P2
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 03 Nov 2023 20:07:01 GMT
server: Cloudfront
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: oJfN5bgv33RtQ3MUomvHAB7DtBvZhkvCRrH770CB8_Wj9XIf-cEm3w==

POST
H2 200 csp-report
q.stripe.com/ Frame DD87 0
718 B 476ms
155ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700343217627848
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700343217627284
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame DD87 0
716 B 476ms
155ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700343217627854
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700343217627322
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 495A 930 B
1 KB 361ms
14ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 117
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 18 Nov 2023 21:33:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 164
x-content-type-options: nosniff
x-request-id: 4a5fdf7f-1972-4691-ba8b-0288b8e95bca
x-served-by: cache-bne12528-BNE
x-timer: S1700343218.594404,VS0,VE0

GET
H2 200 shield-check.svg Show response
ka-p.fontawesome.com/releases/v6.4.2/svgs/solid/ Frame DFEA 599 B
472 B 12ms
11ms Fetch
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/svgs/solid/shield-check.svg?token=c37fafd8d9
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b79a9062fe3b0480013610260abb10a051268d1ccf00470d432ac5a8584185

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:21:44 GMT
server: cloudflare
age: 1396140
etag: W/"64c95b48-257"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82835533e8545d20-SYD

GET
H2 200 arrow-left.svg Show response
ka-p.fontawesome.com/releases/v6.4.2/svgs/regular/ Frame DFEA 477 B
426 B 10ms
10ms Fetch
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/svgs/regular/arrow-left.svg?token=c37fafd8d9
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d66d57025dbc70e169c45a793b43a18393c6df9c59851d9f166ae862afca69b9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:12:25 GMT
server: cloudflare
age: 1396140
etag: W/"64c95919-1dd"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82835533e8555d20-SYD

GET
H2 200 envelope.svg Show response
ka-p.fontawesome.com/releases/v6.4.2/svgs/solid/ Frame DFEA 507 B
446 B 11ms
11ms Fetch
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/svgs/solid/envelope.svg?token=c37fafd8d9
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eefd5982e22d648ce28e4122ae6977c356f50d2e3385b9793004eca1464ef6a4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:21:19 GMT
server: cloudflare
age: 184526
etag: W/"64c95b2f-1fb"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82835533e8575d20-SYD

GET
H2 200 facebook.svg Show response
ka-p.fontawesome.com/releases/v6.4.2/svgs/brands/ Frame DFEA 512 B
447 B 10ms
10ms Fetch
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/svgs/brands/facebook.svg?token=c37fafd8d9
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad3f6a7546902b413908a7a4601703a4f9fa87a2798a7c8c1a1731c0d9b520d3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:08:03 GMT
server: cloudflare
age: 1593663
etag: W/"64c95813-200"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82835533e8585d20-SYD

GET
H2 200 twitter.svg Show response
ka-p.fontawesome.com/releases/v6.4.2/svgs/brands/ Frame DFEA 1 KB
696 B 11ms
11ms Fetch
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/svgs/brands/twitter.svg?token=c37fafd8d9
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53b0657c90db3bba56e0511db66b675033d4e6e84f45fbf00bd1b97da69cb8f4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:08:07 GMT
server: cloudflare
age: 1423493
etag: W/"64c95817-40f"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82835533e8595d20-SYD

GET
H2 200 whatsapp.svg Show response
ka-p.fontawesome.com/releases/v6.4.2/svgs/brands/ Frame DFEA 1 KB
733 B 12ms
12ms Fetch
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/svgs/brands/whatsapp.svg?token=c37fafd8d9
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a60b417362e16cc0e1f02a90ae97189021e2539861977c00fddd0160a2a3a9e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:08:17 GMT
server: cloudflare
age: 946211
etag: W/"64c95821-46e"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82835533e85a5d20-SYD

GET
H2 200 linkedin.svg Show response
ka-p.fontawesome.com/releases/v6.4.2/svgs/brands/ Frame DFEA 672 B
519 B 15ms
15ms Fetch
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/svgs/brands/linkedin.svg?token=c37fafd8d9
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec5d28be227369573677a7e1277e873a019a40d264c138a0c79ed39d8e02bc0e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:08:04 GMT
server: cloudflare
age: 1456421
etag: W/"64c95814-2a0"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82835533e85b5d20-SYD

GET
H2 200 copy.svg Show response
ka-p.fontawesome.com/releases/v6.4.2/svgs/regular/ Frame DFEA 663 B
476 B 11ms
11ms Fetch
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/svgs/regular/copy.svg?token=c37fafd8d9
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 643a37efb1863c3f1ed22423c9689b9fb49b0ebf9589e7ba085a4889bf7770ab

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:12:39 GMT
server: cloudflare
age: 878591
etag: W/"64c95927-297"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82835533e85d5d20-SYD

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 87F1 28 B
185 B 133ms
132ms XHR
application/json 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-Goog-Request-Time: 1700343217264
Content-Type: application/json
X-YouTube-Utc-Offset: 480
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/pCsj18VgIpc
X-YouTube-Client-Version: 1.20231114.01.00
X-YouTube-Time-Zone: Australia/Perth
X-Goog-Visitor-Id: CgtwcFB0ODhTVjhxbyiu2-SqBjIICgJBVRICGgA%3D
X-YouTube-Ad-Signals: dt=1700343215060&flash=0&frm=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame DFEA 3 B
356 B 524ms
125ms XHR
application/json 142.250.66.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA-HrsGwQ0MW-YRyd-jp_YqJ0RmuY5LLqs&libraries=places&callback=Function.prototype

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.234 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://givebutter.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 usage Show response
givebutter.com/elements/api/v1/CusXGBLfsIZDzWXG/elements/ Frame DFEA 51 B
966 B 289ms
289ms XHR
application/json 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givebutter.com/elements/api/v1/CusXGBLfsIZDzWXG/elements/usage?url=https%3A%2F%2Fgivebutter.com%2Fembed%2Fc%2FB58O4O%3F%26gba_gb.element.id%3Dj14K7p

Requested by

Host: js.givebutter.com
URL: https://js.givebutter.com/elements/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a65146e588cb9b4da0ed50d019fa26b01f86f969f642b3207fdf121a3f9a9ac

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000
cross-origin-embedder-policy: unsafe-none
content-security-policy: base-uri 'self'
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: sameorigin
content-type: application/json
cache-control: max-age=8782, must-revalidate, public
permissions-policy: accelerometer=(self), autoplay=*, camera=(self), cross-origin-isolated=(self), display-capture=(self), encrypted-media=(self), fullscreen=*, geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self "https://js.stripe.com" "https://pay.google.com"), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), xr-spatial-tracking=(self)
cf-ray: 828355349dafa93d-SYD

GET
H2 200 usage Show response
givebutter.com/elements/api/v1/CusXGBLfsIZDzWXG/elements/ Frame FC25 51 B
2 KB 259ms
259ms XHR
application/json 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givebutter.com/elements/api/v1/CusXGBLfsIZDzWXG/elements/usage?url=https%3A%2F%2Fgivebutter.com%2Fembed%2Fc%2FB58O4O%3F%26gba_gb.element.id%3Dj14K7p

Requested by

Host: js.givebutter.com
URL: https://js.givebutter.com/elements/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a65146e588cb9b4da0ed50d019fa26b01f86f969f642b3207fdf121a3f9a9ac

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000
cross-origin-embedder-policy: unsafe-none
content-security-policy: base-uri 'self'
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: sameorigin
content-type: application/json
cache-control: max-age=8782, must-revalidate, public
permissions-policy: accelerometer=(self), autoplay=*, camera=(self), cross-origin-isolated=(self), display-capture=(self), encrypted-media=(self), fullscreen=*, geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self "https://js.stripe.com" "https://pay.google.com"), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), xr-spatial-tracking=(self)
cf-ray: 828355349db7a93d-SYD

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame FC25 3 B
90 B 489ms
220ms XHR
application/json 142.250.66.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA-HrsGwQ0MW-YRyd-jp_YqJ0RmuY5LLqs&libraries=places&callback=Function.prototype

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.234 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://givebutter.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 495A 0
491 B 159ms
158ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700343217694261
x-envoy-upstream-service-time: 6
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1700343217692969
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 495A 87 KB
15 KB 14ms
14ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Sat, 18 Nov 2023 21:33:37 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 262
x-cache: HIT
content-length: 15509
x-request-id: 254c2954-cf29-4bc0-bdaa-2819f53c0cd8
x-served-by: cache-bne12528-BNE
server: Fastly
x-timer: S1700343218.631360,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 334

GET
H2 200 nr-rum-1.248.0.min.js Show response
js-agent.newrelic.com/ Frame DFEA 44 KB
16 KB 46ms
13ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-rum-1.248.0.min.js

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fe2c8e1464e377e0e004cae5ca02498a306b7090feddbd3abe14d088c5a7bc19

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://givebutter.com/
Origin: https://givebutter.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 5pOats3JozwL.Cq.YDQ1.AKeG91t1nFP
content-encoding: br
via: 1.1 varnish
date: Sat, 18 Nov 2023 21:33:37 GMT
strict-transport-security: max-age=300
x-amz-request-id: EAM8GQ4THJNTXH29
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15747
x-amz-id-2: EVgnYzTN7veyLayTLEXvHK76fH5t6Yd4m5X3MpZzLrSJFCQSAn8mM667uTEDu6iKg+9TMffLPik=
x-served-by: cache-bne12521-BNE
last-modified: Thu, 16 Nov 2023 17:54:54 GMT
server: AmazonS3
x-timer: S1700343218.739631,VS0,VE0
etag: "ee8c8948e29e77d6bade8edf829b4863"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 77684

POST
H2 200 6 Show response
m.stripe.com/ Frame 495A 156 B
670 B 465ms
156ms XHR
application/json 52.37.229.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.229.91 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-229-91.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

87e706b092a273400071e85cdabdf9c854c941cf56617be760ca68e033e11ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sat, 18 Nov 2023 21:33:38 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700343218087729
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1700343218087479
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 204 rum Show response
givebutter.com/cdn-cgi/ Frame DFEA 0
170 B 5ms
4ms XHR
text/plain 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givebutter.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://givebutter.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 82835536bf1ba93d-SYD

GET
DATA 200
OK truncated
/ Frame DFEA 194 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c66db7153e51bf96d8c5db8e5cae83333235462e3bcae23056459634f68a149

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 Matter-Regular.woff2
givebuttercdn.com/fonts/Matter/ Frame DFEA 31 KB
31 KB 319ms
11ms Font
font/woff2 172.67.72.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://givebuttercdn.com/fonts/Matter/Matter-Regular.woff2
Requested by: Host: givebuttercdn.com
URL: https://givebuttercdn.com/apps/prod/css/main.6bbd0b1afd94cd0178f736c11b9e0725.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da83fbbef0baaca05320982fb4bee293959ec222e4683ded73a621ed24dae559

Request headers

Referer: https://givebuttercdn.com/apps/prod/css/main.6bbd0b1afd94cd0178f736c11b9e0725.css
Origin: https://givebutter.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:38 GMT
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 20:02:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 937
etag: "ef5fcfdb1c5008a6d178160610eb6380"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkk694CPuCyU6U8sPsspg4WtINopTR4WXfmCsArn0s58kJcYH2UOWABXABE8Dy3wBbS4P1hdW5uPCRYnxHHtVlZfYZ57fxHFhASW2KqPNEp3iI6dOmteiHpalMB%2Bkefs3907"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://givebutter.com
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82835538acf3a889-SYD
content-length: 31724

GET
H2 200 Matter-Medium.woff2
givebuttercdn.com/fonts/Matter/ Frame DFEA 31 KB
32 KB 317ms
9ms Font
font/woff2 172.67.72.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://givebuttercdn.com/fonts/Matter/Matter-Medium.woff2
Requested by: Host: givebuttercdn.com
URL: https://givebuttercdn.com/apps/prod/css/main.6bbd0b1afd94cd0178f736c11b9e0725.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ac3677e23d988059a7f8ce54c455ff98cd2dbf163bf8bc1b6eaac75c838228d

Request headers

Referer: https://givebuttercdn.com/apps/prod/css/main.6bbd0b1afd94cd0178f736c11b9e0725.css
Origin: https://givebutter.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:38 GMT
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 20:02:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 937
etag: "b2689cd318d2ca5904e48681eacda205"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0wYaAFq3A3WxhUTrRrSbRZACAQmMO7%2BnLd1oNIkcGb4l8dZplZhJ84iOH5t1iFqFTQWau7MyEDvKF9HUkULOmgaOBt%2BYEnUC3GfxayYX6PvWCnt1X6pbpZ3s%2BMkXH2ngtS4"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://givebutter.com
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82835538acf5a889-SYD
content-length: 32112

GET
H2 200 Matter-SemiBold.woff2
givebuttercdn.com/fonts/Matter/ Frame DFEA 32 KB
32 KB 320ms
12ms Font
font/woff2 172.67.72.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://givebuttercdn.com/fonts/Matter/Matter-SemiBold.woff2
Requested by: Host: givebuttercdn.com
URL: https://givebuttercdn.com/apps/prod/css/main.6bbd0b1afd94cd0178f736c11b9e0725.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856ca1ff9bf0886b1ca22ba2f59f0fe805be7dde4ed8e849a3aa2cb07d3f8cca

Request headers

Referer: https://givebuttercdn.com/apps/prod/css/main.6bbd0b1afd94cd0178f736c11b9e0725.css
Origin: https://givebutter.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:38 GMT
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 20:02:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 937
etag: "efa5fe3e8fe23834c9d7c97eee4ca653"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBqt5J5FK03OoOomNrf96yD3aVPZmZX4U0xlbIcv5PyMiE%2FnYuq8dzPgcYgvog%2BVWt%2FHMfcBf6QxWipCKepde6JeT7VxvRh7IRCxUsu8biOxphL14jS8BS3NZkc8DtLbyHTi"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://givebutter.com
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82835538acf4a889-SYD
content-length: 32420

POST
H/1.1 200
OK NRJS-8567052948d47819af1 Show response
bam.nr-data.net/1/ Frame DFEA 40 B
463 B 486ms
433ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-8567052948d47819af1?a=278463065&v=1.248.0&to=MVdXbBRYW0dRBUELWAgddFsSUFpaHydFEmsuRkFIOnpaWkQUWg5bA0BGZDRWQEBVJVoMQxRdWVQDS3VRXQRQBmUDQVpUEFw%3D&rst=2204&ck=0&s=d70487cfcc8bb3c4&ref=https://givebutter.com/embed/c/B58O4O&ap=141&be=702&fe=1444&dc=971&at=HRBUGlxCSEk%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1700343215554,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:303,%22ce%22:309,%22rq%22:309,%22rp%22:702,%22rpe%22:707,%22di%22:1474,%22ds%22:1669,%22de%22:1673,%22dc%22:2146,%22l%22:2146,%22le%22:2146%7D,%22navigation%22:%7B%7D%7D
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.248.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d

Request headers

Referer: https://givebutter.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 18 Nov 2023 21:33:38 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://givebutter.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 828355375f32a892-SYD
Content-Length: 40

GET
H2 200 pro-v4-shims.min.js Show response
ka-p.fontawesome.com/releases/v6.4.2/js/ Frame FC25 27 KB
8 KB 18ms
14ms Fetch
application/javascript 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/js/pro-v4-shims.min.js?token=c37fafd8d9
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c37fafd8d9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2754224dc73acdb57aea115599ad71096451a80d5014361febdcf0304b6abb23

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:07:59 GMT
server: cloudflare
age: 1452514
etag: "64c9580f-1ddc"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 828355378aa65d20-SYD
content-length: 7644

GET
H2 200 pro.min.js Show response
ka-p.fontawesome.com/releases/v6.4.2/js/ Frame FC25 60 KB
17 KB 15ms
12ms Fetch
application/javascript 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/js/pro.min.js?token=c37fafd8d9
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c37fafd8d9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7acd8e348e369e1829d3d5766b4bb1857d9b0b2c54e608679c1fd86d228e90f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:07:59 GMT
server: cloudflare
age: 176098
etag: "64c9580f-4555"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 828355378aa75d20-SYD
content-length: 17749

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 6306 200 B
1 KB 6ms
5ms Document
text/html 18.67.111.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.111.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-111-45.syd62.r.cloudfront.net

Software

Cloudfront /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givebutter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1124
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 18 Nov 2023 21:14:54 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Mon, 13 Nov 2023 21:03:31 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
x-amz-cf-id: 3YU0Mcy32lFLqGRTRZGLTY8bgfqFeQUdvgqgr8xVtlpUsmfORuCg4A==
x-amz-cf-pop: SYD62-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6306 631 B
1 KB 6ms
5ms Script
text/javascript 18.67.111.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.111.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-111-45.syd62.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:14:58 GMT
via: 1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 1122
x-amz-cf-pop: SYD62-P2
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 03 Nov 2023 20:07:01 GMT
server: Cloudfront
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: BPp_q4vFRji_sgqjMBf3EuW3LryNk2jcJiNc5ChoMn3mo3sp_pFY0Q==

POST
H2 200 csp-report
q.stripe.com/ Frame 6306 0
717 B 155ms
154ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700343217945766
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700343217945368
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6306 0
717 B 159ms
158ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700343217949480
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700343217948413
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shield-check.svg Show response
ka-p.fontawesome.com/releases/v6.4.2/svgs/solid/ Frame FC25 599 B
435 B 11ms
10ms Fetch
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/svgs/solid/shield-check.svg?token=c37fafd8d9
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b79a9062fe3b0480013610260abb10a051268d1ccf00470d432ac5a8584185

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:21:44 GMT
server: cloudflare
age: 1396140
etag: W/"64c95b48-257"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82835537dad25d20-SYD

GET
H2 200 arrow-left.svg Show response
ka-p.fontawesome.com/releases/v6.4.2/svgs/regular/ Frame FC25 477 B
371 B 11ms
10ms Fetch
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/svgs/regular/arrow-left.svg?token=c37fafd8d9
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d66d57025dbc70e169c45a793b43a18393c6df9c59851d9f166ae862afca69b9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:12:25 GMT
server: cloudflare
age: 1396140
etag: W/"64c95919-1dd"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82835537dad35d20-SYD

GET
H2 200 envelope.svg Show response
ka-p.fontawesome.com/releases/v6.4.2/svgs/solid/ Frame FC25 507 B
403 B 12ms
11ms Fetch
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/svgs/solid/envelope.svg?token=c37fafd8d9
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eefd5982e22d648ce28e4122ae6977c356f50d2e3385b9793004eca1464ef6a4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:21:19 GMT
server: cloudflare
age: 184526
etag: W/"64c95b2f-1fb"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82835537dad45d20-SYD

GET
H2 200 facebook.svg Show response
ka-p.fontawesome.com/releases/v6.4.2/svgs/brands/ Frame FC25 512 B
403 B 11ms
10ms Fetch
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/svgs/brands/facebook.svg?token=c37fafd8d9
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad3f6a7546902b413908a7a4601703a4f9fa87a2798a7c8c1a1731c0d9b520d3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:08:03 GMT
server: cloudflare
age: 1593663
etag: W/"64c95813-200"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82835537dad55d20-SYD

GET
H2 200 twitter.svg Show response
ka-p.fontawesome.com/releases/v6.4.2/svgs/brands/ Frame FC25 1 KB
654 B 12ms
11ms Fetch
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/svgs/brands/twitter.svg?token=c37fafd8d9
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53b0657c90db3bba56e0511db66b675033d4e6e84f45fbf00bd1b97da69cb8f4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:08:07 GMT
server: cloudflare
age: 1423493
etag: W/"64c95817-40f"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82835537dad65d20-SYD

GET
H2 200 whatsapp.svg Show response
ka-p.fontawesome.com/releases/v6.4.2/svgs/brands/ Frame FC25 1 KB
713 B 12ms
11ms Fetch
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/svgs/brands/whatsapp.svg?token=c37fafd8d9
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a60b417362e16cc0e1f02a90ae97189021e2539861977c00fddd0160a2a3a9e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:08:17 GMT
server: cloudflare
age: 946211
etag: W/"64c95821-46e"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82835537dad85d20-SYD

GET
H2 200 linkedin.svg Show response
ka-p.fontawesome.com/releases/v6.4.2/svgs/brands/ Frame FC25 672 B
477 B 10ms
10ms Fetch
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/svgs/brands/linkedin.svg?token=c37fafd8d9
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec5d28be227369573677a7e1277e873a019a40d264c138a0c79ed39d8e02bc0e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:08:04 GMT
server: cloudflare
age: 1456421
etag: W/"64c95814-2a0"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82835537dada5d20-SYD

GET
H2 200 copy.svg Show response
ka-p.fontawesome.com/releases/v6.4.2/svgs/regular/ Frame FC25 663 B
434 B 11ms
11ms Fetch
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/svgs/regular/copy.svg?token=c37fafd8d9
Requested by: Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 643a37efb1863c3f1ed22423c9689b9fb49b0ebf9589e7ba085a4889bf7770ab

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://givebutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:12:39 GMT
server: cloudflare
age: 878591
etag: W/"64c95927-297"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82835537dadb5d20-SYD

GET
H2 200 inner.html Show response
m.stripe.network/ Frame DFAD 930 B
637 B 14ms
14ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 117
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 18 Nov 2023 21:33:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 166
x-content-type-options: nosniff
x-request-id: 8a22ae5f-1617-4d1d-8d5f-7ac6a94500c9
x-served-by: cache-bne12528-BNE
x-timer: S1700343218.906182,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame DFAD 0
491 B 155ms
155ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.familiesrenewed.org
URL: https://www.familiesrenewed.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700343217989671
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1700343217988817
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame DFAD 87 KB
15 KB 13ms
13ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Sat, 18 Nov 2023 21:33:37 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 262
x-cache: HIT
content-length: 15509
x-request-id: b4d4c796-ec5f-42e9-bb37-2ee240440882
x-served-by: cache-bne12528-BNE
server: Fastly
x-timer: S1700343218.924709,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 335

POST
H2 200 6 Show response
m.stripe.com/ Frame DFAD 156 B
669 B 277ms
206ms XHR
application/json 52.37.229.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.229.91 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-229-91.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9667d44e3535c50a9bb825d66c4219116fb5bb80b5d840029a1adf847c28f73a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sat, 18 Nov 2023 21:33:38 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700343218137451
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1700343218136857
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 nr-rum-1.248.0.min.js Show response
js-agent.newrelic.com/ Frame FC25 44 KB
15 KB 13ms
13ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-rum-1.248.0.min.js

Requested by

Host: givebutter.com
URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fe2c8e1464e377e0e004cae5ca02498a306b7090feddbd3abe14d088c5a7bc19

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://givebutter.com/
Origin: https://givebutter.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 5pOats3JozwL.Cq.YDQ1.AKeG91t1nFP
content-encoding: br
via: 1.1 varnish
date: Sat, 18 Nov 2023 21:33:37 GMT
strict-transport-security: max-age=300
x-amz-request-id: EAM8GQ4THJNTXH29
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15747
x-amz-id-2: EVgnYzTN7veyLayTLEXvHK76fH5t6Yd4m5X3MpZzLrSJFCQSAn8mM667uTEDu6iKg+9TMffLPik=
x-served-by: cache-bne12521-BNE
last-modified: Thu, 16 Nov 2023 17:54:54 GMT
server: AmazonS3
x-timer: S1700343218.954248,VS0,VE0
etag: "ee8c8948e29e77d6bade8edf829b4863"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 77685

POST
H2 204 rum Show response
givebutter.com/cdn-cgi/ Frame FC25 0
38 B 12ms
11ms XHR
text/plain 104.20.37.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givebutter.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.37.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Sat, 18 Nov 2023 21:33:37 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://givebutter.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 828355383833a93d-SYD

POST
H/1.1 200
OK NRJS-8567052948d47819af1 Show response
bam.nr-data.net/1/ Frame FC25 40 B
463 B 497ms
443ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-8567052948d47819af1?a=278463065&v=1.248.0&to=MVdXbBRYW0dRBUELWAgddFsSUFpaHydFEmsuRkFIOnpaWkQUWg5bA0BGZDRWQEBVJVoMQxRdWVQDS3VRXQRQBmUDQVpUEFw%3D&rst=2403&ck=0&s=d70487cfcc8bb3c4&ref=https://givebutter.com/embed/c/B58O4O&qt=1&ap=123&be=675&fe=1707&dc=1609&at=HRBUGlxCSEk%3D&fsh=0&perf=%7B%22timing%22:%7B%22of%22:1700343215565,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:299,%22rp%22:675,%22rpe%22:678,%22di%22:1529,%22ds%22:2276,%22de%22:2284,%22dc%22:2382,%22l%22:2382,%22le%22:2382%7D,%22navigation%22:%7B%7D%7D
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.248.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d

Request headers

Referer: https://givebutter.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 18 Nov 2023 21:33:38 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://givebutter.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 82835538a97e6a6c-SYD
Content-Length: 40

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.givebutter.com/	1970-01-20 16:19:05	Name: __cf_bm Value: CovE4fI8_kUvb0XI7x_RokX10zWp_6lMs1fj134deIY-1700343214-0-AesRhLMwcIJli2jEv6XgCcmrrczSuqRvoS1KPrGGs3sck+hqKz6po0gzvEKmYUry3dNnHQYI4/cTMOc1V3JqmRc=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: yxxDnwF0MQ0
.youtube.com/	1970-01-20 20:38:15	Name: VISITOR_INFO1_LIVE Value: ppPt88SV8qo
m.stripe.com/	1970-01-21 01:55:03	Name: m Value: 5a797b63-86b6-4828-8171-f26205699b6269cf32

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p Message: Invalid 'X-Frame-Options' header encountered when loading 'https://givebutter.com/': '*' is not a recognized directive. The header will be ignored.
other	error	URL: https://givebutter.com/embed/c/B58O4O?&gba_gb.element.id=j14K7p Message: Invalid 'X-Frame-Options' header encountered when loading 'https://givebutter.com/': '*' is not a recognized directive. The header will be ignored.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn.plaid.com
challenges.cloudflare.com
connect.facebook.net
fonts.gstatic.com
givebutter.com
givebuttercdn.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
js-agent.newrelic.com
js.braintreegateway.com
js.givebutter.com
js.stripe.com
ka-p.fontawesome.com
kit.fontawesome.com
m.stripe.com
m.stripe.network
maps.googleapis.com
q.stripe.com
static.cloudflareinsights.com
static.doubleclick.net
widgets.givebutter.com
www.familiesrenewed.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.16.56.101
104.17.3.184
104.20.36.218
104.20.37.218
142.250.66.195
142.250.66.234
142.251.221.67
151.101.192.176
151.101.66.137
157.240.8.23
162.247.241.14
172.217.167.100
172.217.167.65
172.217.167.66
172.217.24.38
172.217.24.40
172.217.24.42
172.217.24.46
172.217.24.54
172.64.147.188
172.67.72.79
18.154.144.16
18.67.111.45
192.229.232.89
209.182.204.176
52.37.229.91
54.187.119.242
0b3edef95477e35127470e60d70025f5bae955edb038fe4ab0f24f9bed5eba68
10c5d6ca14421f630f4fe4c98f1b5e719a7eb0e36ae2324706b583d4ff1c15f2
15eca989381d4b9c996b23992775d3c24307d08baacc5ce34dc3ea33f68cb7f7
193d49024398a5a65bee77922749cd4c60c57cff2f521c67c9ae532b121eeb8a
1a4ff90c6c571be1b559e58b68b98540b3ac83b1d2bd7142edec261857c06ded
1f9dd3d5e814621ae9bdea990433eedccb4d0d81e190d7027b2c4cf4831169ef
2754224dc73acdb57aea115599ad71096451a80d5014361febdcf0304b6abb23
289b6d28797a9c72eec66e02a15f4100d1c3c5c7500f936ad73921bcc24eba75
294829932b49d76ccd202ebed502a16427e00ea0911f7d26de8b5e02739877f0
2993cfa266b468afaae6c45bed4afd550152ab24f445fb97da01f26dada9f313
33c230f2f903e3c9ec49f5f7aeab8a8f9e92eefbc261d7f9b591021fa2bad3ab
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4e554bc156b6e3a3d05525af219824241f504293f0300b40d8ca1385bbaf2b6b
51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7
53b0657c90db3bba56e0511db66b675033d4e6e84f45fbf00bd1b97da69cb8f4
57d479d609c92dfef64c0859d69c4748965fcba9fd500447854aa894f576392f
59574b6feb0fe85e713c0cf419da15c7e2657ad1bd43fe59a19d4e411930a2a4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b794c3bb91599f949ed26b4cd85a2a068629b8770aee5be43d6d352f676e13e
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
643a37efb1863c3f1ed22423c9689b9fb49b0ebf9589e7ba085a4889bf7770ab
66d31ddb6a194fe867ca32b181c90c861e4c921d456381c068eb2005301548ec
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a65146e588cb9b4da0ed50d019fa26b01f86f969f642b3207fdf121a3f9a9ac
6ab2c14eb3cac4064d563b65357fd36912c118888c236c80192320b0de43f3a6
7a5c4be4409d1aa1ed05629eb7a650608e5dc8e873010f527d778c690a031649
7a60b417362e16cc0e1f02a90ae97189021e2539861977c00fddd0160a2a3a9e
7ac3677e23d988059a7f8ce54c455ff98cd2dbf163bf8bc1b6eaac75c838228d
7df1b4f129de410910b2cca0f37a864df8014a3fe6cb99b790cf8910823c4695
856ca1ff9bf0886b1ca22ba2f59f0fe805be7dde4ed8e849a3aa2cb07d3f8cca
8636c343d9a05d8d327042b20a0b57664e80f8a2288b814b146fbad652a700c0
87b010edc18752647dcd8749bfe9abea7cb1eaf4f3ea4de0898b3ed325b1ed08
87bcc0b2ff0735962aca04481606d8a8f8e88ffe2d371d9e57f950fec1fdd9e8
87e706b092a273400071e85cdabdf9c854c941cf56617be760ca68e033e11ce6
8a4afd72ae41f5b98e14911bac731d264cd2e68f38e98af3e684aac4297372da
8c66db7153e51bf96d8c5db8e5cae83333235462e3bcae23056459634f68a149
90deaa6ce62764135079beba976e8df57220a817e759914adf09626153f38c16
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9667d44e3535c50a9bb825d66c4219116fb5bb80b5d840029a1adf847c28f73a
9683d7fa089ef1eb3e345c52bcc7fdb589e7b85c1c361e7b8b59b8a59fe97682
9bc8ca798f8da8b10da63c252adf20f2bdcd04fb433a92ba8b82b7d71fad0579
a02f78e600e8272c473819f97a46a1c070f8ceeddaf29ac5655e371375e9456a
a2b79a9062fe3b0480013610260abb10a051268d1ccf00470d432ac5a8584185
a3d33e0145fee1f52a554d1a03d837bea8763d310269c95ed3025a23c64e9231
a7acd8e348e369e1829d3d5766b4bb1857d9b0b2c54e608679c1fd86d228e90f
aac97cc6c740493a54107e3fbcfdcc31f9ef2f4b797d6a71564fcaf36762a98b
aaca5fad2f9cc3bac80a67829c1cccd21515c2bd095fd62c6007ab69e03dd4f2
ad3f6a7546902b413908a7a4601703a4f9fa87a2798a7c8c1a1731c0d9b520d3
ba4ec7991756e49562aa036ee42a8c985404342f653c1b43a25554acca54ab99
ba5a778857722aae0f0d4482389b5fb50cfcf042b2241962dc33f2f9d902730d
bd7943e33f3ca4d91a23122127b876c876a15692241d7cba58a46cc2e41c52a5
c335c755c00ed454696156d615d61698f378029b73ca457936246f90c86163bf
c5b1dc36c2cd2340958bc0ca05823d998f52df1d8a2f6081a54dea052922b96d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd32610b8982b3dfe1b2fca5c195d8f7d7d7a22da1e723f5d1a2003a23e1d653
d66d57025dbc70e169c45a793b43a18393c6df9c59851d9f166ae862afca69b9
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7f1f3bcab26ca243071204ab79861bf27d33a6f0f517c1247ac1934578a9e4b
d7f70cd0990e3f833ea7ff40bd4872794bb0c987b03534f2ac3f229b9fd07f8d
da83fbbef0baaca05320982fb4bee293959ec222e4683ded73a621ed24dae559
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de561ce7f7edfd27038f5eb5980613a5ffb56982b5aefc63977475454789517c
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e0680cc0f398d6bcfb4cfe4108ddddc50e7f31ddc25cd19c594e185b9b3edc3f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5344d027c0a063d9e65f7518075f5718f73c9b66e877967d7cbabe4c5210c53
e804435687ed72000c8c1c72a6e637cfa3730077592c6025fa4c00968aca860b
e84c7947cd05d2b07031112cd7e19a8c2902422cd2f1283acca4f2c21bafdaf5
ec5d28be227369573677a7e1277e873a019a40d264c138a0c79ed39d8e02bc0e
ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee45ce821001edb5ecbdab5cd6c546ea98b1efe780a764f90d1373567d9666c4
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eefd5982e22d648ce28e4122ae6977c356f50d2e3385b9793004eca1464ef6a4
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f27def9acb53f27287b73f15b98b424b2227894d98f2a0c238f3e5e3b2843af2
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785
fb128d11873821d66616bc81a3229f7b664483472e52213dc15e39e5716d6dcc
fe2c8e1464e377e0e004cae5ca02498a306b7090feddbd3abe14d088c5a7bc19

www.familiesrenewed.org Open in urlscan Pro 209.182.204.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

98 %HTTPS

0 %IPv6

22 Domains

30 Subdomains

28 IPs

3 Countries

7569 kBTransfer

13386 kBSize

4 Cookies

4 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.familiesrenewed.org Open in urlscan Pro
209.182.204.176 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

98 %
HTTPS

0 %
IPv6

22
Domains

30
Subdomains

28
IPs

3
Countries

7569 kB
Transfer

13386 kB
Size

4
Cookies

129 HTTP transactions
4 data transactions