give.salvationarmyflorida.org Open in urlscan Pro
2606:4700::6812:7115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://give.salarmy-miami.org/
Effective URL:
https://give.salvationarmyflorida.org/give/180131/
Submission: On September 28 via manual (September 28th 2022, 11:53:14 pm UTC) from US — Scanned from DE

Summary HTTP 375 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 90 IPs in 8 countries across 75 domains to perform 375 HTTP transactions. The main IP is 2606:4700::6812:7115, located in United States and belongs to CLOUDFLARENET, US. The main domain is give.salvationarmyflorida.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 1st 2022. Valid for: a year.

This is the only time give.salvationarmyflorida.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	76.223.34.124 76.223.34.124	16509 (AMAZON-02) (AMAZON-02)
17	2606:4700::68... 2606:4700::6812:7115	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2606:4700::68... 2606:4700::6812:843c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.96.109.67 23.96.109.67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.236.28 52.222.236.28	16509 (AMAZON-02) (AMAZON-02)
2	13.32.121.61 13.32.121.61	16509 (AMAZON-02) (AMAZON-02)
28	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
18	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.121.41 13.32.121.41	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
6	54.77.143.129 54.77.143.129	16509 (AMAZON-02) (AMAZON-02)
6	52.29.114.196 52.29.114.196	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	96.16.147.243 96.16.147.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1 6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	23.36.163.228 23.36.163.228	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.222.225.250 52.222.225.250	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::ac40:929e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
7	54.164.251.248 54.164.251.248	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
41	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400e:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.30.247.235 52.30.247.235	16509 (AMAZON-02) (AMAZON-02)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	34.248.32.199 34.248.32.199	16509 (AMAZON-02) (AMAZON-02)
2	193.108.153.28 193.108.153.28	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	2600:9000:223... 2600:9000:223e:6a00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1 11	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
9 10	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
3	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
14	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 10	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	52.41.97.242 52.41.97.242	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:400c:c06::5c	15169 (GOOGLE) (GOOGLE)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
3	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1 3	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
4	52.184.204.244 52.184.204.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2600:1901:0:a... 2600:1901:0:a5e4::	15169 (GOOGLE) (GOOGLE)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	52.29.159.59 52.29.159.59	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
1 2	108.138.17.118 108.138.17.118	16509 (AMAZON-02) (AMAZON-02)
1 4	34.193.169.174 34.193.169.174	14618 (AMAZON-AES) (AMAZON-AES)
1	23.23.175.40 23.23.175.40	14618 (AMAZON-AES) (AMAZON-AES)
2	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223c:6c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
26	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1 3	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.64.233.235 3.64.233.235	16509 (AMAZON-02) (AMAZON-02)
1 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:9000:223... 2600:9000:223d:6000:11:615:7240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:9000:223... 2600:9000:223c:1c00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.7.42 108.138.7.42	16509 (AMAZON-02) (AMAZON-02)
2 5	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	54.81.23.211 54.81.23.211	14618 (AMAZON-AES) (AMAZON-AES)
1	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	3.94.157.102 3.94.157.102	14618 (AMAZON-AES) (AMAZON-AES)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4216:319:ee2:5022:1df1	14618 (AMAZON-AES) (AMAZON-AES)
1	54.171.98.27 54.171.98.27	16509 (AMAZON-02) (AMAZON-02)
1	54.77.178.38 54.77.178.38	16509 (AMAZON-02) (AMAZON-02)
1 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
375	90

1 76.223.34.124 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aa089eb6179d1ae2b.awsglobalaccelerator.com

give.salarmy-miami.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700::6812:7115 (United States)

ASN13335 (CLOUDFLARENET, US)

give.salvationarmyflorida.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700::6812:843c (United States)

ASN13335 (CLOUDFLARENET, US)

prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.96.109.67 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-28.fra56.r.cloudfront.net

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-61.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-41.fra60.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.77.143.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-143-129.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.29.114.196 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-114-196.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.147.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-147-243.deploy.static.akamaitechnologies.com

www.everestjs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.163.228 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-228.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.225.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-225-250.fra56.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:929e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.164.251.248 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-251-248.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.247.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-247-235.eu-west-1.compute.amazonaws.com

thesalvationarmy.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

thesalvationarmy.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.32.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-32-199.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.108.153.28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-28.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223e:6a00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.130.49 (United States) 9 redirects

ASN54113 (FASTLY, US)

lasteventf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.41.97.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-97-242.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400c:c06::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.184.204.244 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:a5e4:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

notify.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.159.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-159-59.eu-central-1.compute.amazonaws.com

api.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

cdn.bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.17.118 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-118.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.193.169.174 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-169-174.compute-1.amazonaws.com

tags.wdsvc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.175.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-175-40.compute-1.amazonaws.com

b.videoamp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

pt.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:6c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.233.235 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-233-235.eu-central-1.compute.amazonaws.com

collect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:6000:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pxl.qccerttest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:1c00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-42.fra56.r.cloudfront.net

cdn.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20841493p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.23.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-23-211.compute-1.amazonaws.com

people.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.94.157.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-157-102.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:319:ee2:5022:1df1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.98.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-98-27.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.178.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-178-38.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	stripe.com js.stripe.com — Cisco Umbrella Rank: 1097 q.stripe.com — Cisco Umbrella Rank: 6952 m.stripe.com — Cisco Umbrella Rank: 1019 r.stripe.com — Cisco Umbrella Rank: 4548	831 KB
45	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2925 play.google.com — Cisco Umbrella Rank: 25	792 KB
22	classy.org prod-frs.content.classy.org — Cisco Umbrella Rank: 93558 pay.classy.org — Cisco Umbrella Rank: 126790 assets.classy.org — Cisco Umbrella Rank: 103287	1 MB
18	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	79 KB
17	paypal.com www.paypal.com — Cisco Umbrella Rank: 2601 t.paypal.com — Cisco Umbrella Rank: 3374	212 KB
17	salvationarmyflorida.org give.salvationarmyflorida.org	58 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	399 KB
15	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	12 KB
11	google.de www.google.de — Cisco Umbrella Rank: 6301	1 KB
11	everesttech.net 10 redirects cm.everesttech.net — Cisco Umbrella Rank: 1030 lasteventf-tm.everesttech.net — Cisco Umbrella Rank: 6726 sync-tm.everesttech.net — Cisco Umbrella Rank: 537	2 KB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 561 c.clarity.ms — Cisco Umbrella Rank: 1017 n.clarity.ms — Cisco Umbrella Rank: 5413	28 KB
8	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1176 secure-ds.serving-sys.com — Cisco Umbrella Rank: 1871	14 KB
8	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 2860 heapanalytics.com — Cisco Umbrella Rank: 2531	47 KB
7	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 211 thesalvationarmy.demdex.net — Cisco Umbrella Rank: 294561	10 KB
6	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 378 c.bing.com — Cisco Umbrella Rank: 224	14 KB
6	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 704 analytics.twitter.com — Cisco Umbrella Rank: 540 syndication.twitter.com — Cisco Umbrella Rank: 964	134 KB
6	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 717 notify.bugsnag.com — Cisco Umbrella Rank: 1141	173 B
5	rfihub.com 2 redirects 20841493p.rfihub.com a.rfihub.com — Cisco Umbrella Rank: 2859 p.rfihub.com — Cisco Umbrella Rank: 713	7 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	338 B
4	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 617	1 KB
4	wdsvc.net 1 redirects tags.wdsvc.net — Cisco Umbrella Rank: 31537	28 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 955	1 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 947	96 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	336 KB
3	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 574	2 KB
3	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	3 KB
3	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	3 KB
3	bttrack.com cdn.bttrack.com — Cisco Umbrella Rank: 6594 bttrack.com — Cisco Umbrella Rank: 725	3 KB
3	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 417 secure.quantserve.com — Cisco Umbrella Rank: 922	11 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 129	33 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	131 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 288	1 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 329	107 B
2	boomtrain.com cdn.boomtrain.com — Cisco Umbrella Rank: 5690 people.api.boomtrain.com — Cisco Umbrella Rank: 6028	26 KB
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 336	478 B
2	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 2074	3 KB
2	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1002	13 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2301	33 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1183	16 KB
2	t.co t.co — Cisco Umbrella Rank: 495	605 B
2	omtrdc.net thesalvationarmy.sc.omtrdc.net — Cisco Umbrella Rank: 279094	4 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 95	53 KB
2	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 624	30 KB
2	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 15715	75 KB
2	braintreegateway.com js.braintreegateway.com — Cisco Umbrella Rank: 8378 api.braintreegateway.com — Cisco Umbrella Rank: 8897	52 KB
2	doublethedonation.com doublethedonation.com — Cisco Umbrella Rank: 68341	111 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 515	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 455	377 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1035	183 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1219	191 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1884	109 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 560	617 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 940	344 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5872	6 KB
1	qccerttest.com pxl.qccerttest.com — Cisco Umbrella Rank: 993	550 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 904	225 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 394	273 B
1	tealiumiq.com collect.tealiumiq.com — Cisco Umbrella Rank: 2701	781 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 861	2 KB
1	ispot.tv pt.ispot.tv — Cisco Umbrella Rank: 2023	313 B
1	videoamp.com b.videoamp.com — Cisco Umbrella Rank: 3604	312 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 855	676 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1023	402 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 663	30 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 217	625 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	1 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 681	183 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 318	18 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 971	9 KB
1	everestjs.net www.everestjs.net — Cisco Umbrella Rank: 6242	3 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 784	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 36056	5 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1029	5 KB
1	salarmy-miami.org 1 redirects give.salarmy-miami.org	585 B
0	rackcdn.com Failed 479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com Failed
375	75

	Domain	Requested by
28	r.stripe.com	js.stripe.com
28	js.stripe.com	give.salvationarmyflorida.org js.stripe.com
26	play.google.com	www.gstatic.com
18	www.google-analytics.com	give.salvationarmyflorida.org www.gstatic.com
17	give.salvationarmyflorida.org	give.salvationarmyflorida.org
14	www.paypal.com	give.salvationarmyflorida.org www.paypalobjects.com
13	q.stripe.com	give.salvationarmyflorida.org
13	prod-frs.content.classy.org	give.salvationarmyflorida.org prod-frs.content.classy.org
11	www.google.de
11	www.google.com	1 redirects
10	googleads.g.doubleclick.net	1 redirects give.salvationarmyflorida.org
9	sync-tm.everesttech.net	9 redirects
8	www.gstatic.com	pay.google.com www.gstatic.com
8	pay.google.com	js.stripe.com pay.google.com give.salvationarmyflorida.org www.gstatic.com
7	fonts.gstatic.com	fonts.googleapis.com
7	heapanalytics.com
6	pay.classy.org	give.salvationarmyflorida.org
6	bs.serving-sys.com	give.salvationarmyflorida.org
6	dpm.demdex.net	give.salvationarmyflorida.org
5	www.facebook.com
5	bat.bing.com	give.salvationarmyflorida.org
4	insight.adsrvr.org
4	tags.wdsvc.net	1 redirects give.salvationarmyflorida.org
4	notify.bugsnag.com	give.salvationarmyflorida.org
4	n.clarity.ms	give.salvationarmyflorida.org
4	tr.snapchat.com	give.salvationarmyflorida.org sc-static.net
4	analytics.tiktok.com	give.salvationarmyflorida.org analytics.tiktok.com
4	www.googletagmanager.com	give.salvationarmyflorida.org
3	p.rfihub.com	2 redirects
3	sync.search.spotxchange.com	1 redirects
3	ib.adnxs.com	1 redirects
3	dsum-sec.casalemedia.com	1 redirects
3	t.paypal.com
3	www.clarity.ms	give.salvationarmyflorida.org
3	www.googleadservices.com	give.salvationarmyflorida.org
3	connect.facebook.net	give.salvationarmyflorida.org
3	stats.g.doubleclick.net	give.salvationarmyflorida.org
3	assets.classy.org
3	platform.twitter.com	1 redirects give.salvationarmyflorida.org
2	x.bidswitch.net	1 redirects
2	idsync.rlcdn.com
2	pixel.rubiconproject.com
2	cm.g.doubleclick.net	1 redirects
2	bttrack.com
2	live.rezync.com	1 redirects give.salvationarmyflorida.org
2	tags.tiqcdn.com	give.salvationarmyflorida.org
2	pixel.quantserve.com	1 redirects
2	www.paypalobjects.com	give.salvationarmyflorida.org
2	c.clarity.ms	1 redirects
2	m.stripe.com	m.stripe.network
2	m.stripe.network	js.stripe.com m.stripe.network
2	analytics.twitter.com
2	t.co
2	secure-ds.serving-sys.com	give.salvationarmyflorida.org
2	thesalvationarmy.sc.omtrdc.net	give.salvationarmyflorida.org
2	www.youtube.com	give.salvationarmyflorida.org
2	static.ads-twitter.com	give.salvationarmyflorida.org
2	sessions.bugsnag.com	give.salvationarmyflorida.org
2	cdn.plaid.com	give.salvationarmyflorida.org
2	doublethedonation.com	give.salvationarmyflorida.org
1	beacon.krxd.net
1	aa.agkn.com
1	partners.tremorhub.com
1	x.dlx.addthis.com
1	bpi.rtactivate.com
1	contextual.media.net
1	ps.eyeota.net
1	a.rfihub.com
1	people.api.boomtrain.com	give.salvationarmyflorida.org
1	20841493p.rfihub.com	give.salvationarmyflorida.org
1	cdn.boomtrain.com	give.salvationarmyflorida.org
1	c1.rfihub.net	give.salvationarmyflorida.org
1	pxl.qccerttest.com
1	image2.pubmatic.com
1	us-u.openx.net
1	collect.tealiumiq.com	give.salvationarmyflorida.org
1	rules.quantcount.com	give.salvationarmyflorida.org
1	pt.ispot.tv
1	b.videoamp.com
1	cdn.bttrack.com	give.salvationarmyflorida.org
1	secure.quantserve.com	give.salvationarmyflorida.org
1	api.braintreegateway.com	give.salvationarmyflorida.org
1	cms.analytics.yahoo.com	1 redirects
1	d.turn.com	1 redirects
1	c.bing.com	1 redirects
1	syndication.twitter.com	platform.twitter.com
1	lasteventf-tm.everesttech.net	give.salvationarmyflorida.org
1	code.jquery.com	give.salvationarmyflorida.org
1	bam.nr-data.net	give.salvationarmyflorida.org
1	cm.everesttech.net	1 redirects
1	thesalvationarmy.demdex.net	give.salvationarmyflorida.org
1	fonts.googleapis.com	give.salvationarmyflorida.org
1	geolocation.onetrust.com	give.salvationarmyflorida.org
1	js-agent.newrelic.com	give.salvationarmyflorida.org
1	sc-static.net	give.salvationarmyflorida.org
1	www.everestjs.net	give.salvationarmyflorida.org
1	cdn.heapanalytics.com	give.salvationarmyflorida.org
1	js.braintreegateway.com	give.salvationarmyflorida.org
1	unpkg.com	give.salvationarmyflorida.org
1	htp.tokenex.com	give.salvationarmyflorida.org
1	static.cloudflareinsights.com	give.salvationarmyflorida.org
1	give.salarmy-miami.org	1 redirects
0	479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com Failed	prod-frs.content.classy.org
375	103

This site contains links to these domains. Also see Links.

Domain
www.classy.org

Subject Issuer	Validity	Valid
give.salvationarmyflorida.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
doublethedonation.com Sectigo ECC Domain Validation Secure Server CA	`2022-06-03` - `2023-07-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2022-01-12` - `2023-02-13`	a year	crt.sh
checkout.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-07-28` - `2023-08-28`	a year	crt.sh
secure.plaid.com DigiCert SHA2 Extended Validation Server CA	`2022-03-08` - `2023-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-08-31` - `2023-01-10`	4 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2022-07-29` - `2023-08-27`	a year	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
bs.serving-sys.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
www.everestjs.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
pay.classy.org Cloudflare Inc ECC CA-3	`2022-05-08` - `2023-05-08`	a year	crt.sh
heapanalytics.com Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-06` - `2022-12-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-08` - `2022-10-06`	3 months	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
secure-ds.serving-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-05` - `2023-03-08`	a year	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-03` - `2023-03-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
api.braintreegateway.com DigiCert SHA2 Extended Validation Server CA	`2022-09-07` - `2023-10-08`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
*.rezync.com Amazon	`2021-12-26` - `2023-01-23`	a year	crt.sh
*.videoamp.com Amazon	`2022-09-06` - `2023-10-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ispot.tv R3	`2022-09-16` - `2022-12-15`	3 months	crt.sh
*.tealiumiq.com Amazon	`2022-08-25` - `2023-09-23`	a year	crt.sh
tags.wdsvc.net Go Daddy Secure Certificate Authority - G2	`2021-11-01` - `2022-12-03`	a year	crt.sh
qccerttest.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
*.rfihub.net Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
*.boomtrain.com Amazon	`2022-03-11` - `2023-04-09`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-24` - `2023-05-24`	a year	crt.sh
*.api.boomtrain.com Amazon	`2021-11-16` - `2022-12-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
rtactivate.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2022-05-02` - `2023-05-09`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://give.salvationarmyflorida.org/give/180131/
Frame ID: 935AE17EA9C4BA883424DBE2BFB9F81B
Requests: 214 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-557bf11dc87834b2929d6e0c94d567e3.html
Frame ID: 817535F55806E1622D07C6E2D2D6134C
Requests: 4 HTTP requests in this frame

Frame: https://thesalvationarmy.demdex.net/dest5.html?d_nsid=0
Frame ID: 413013314519FD985154C130BBDC92BE
Requests: 14 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 3CC253484C2421253E6BBA4C70F5E40D
Requests: 5 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=5ce1f9d9-71a9-44c4-827d-24f151ac647c&u_scsid=18bde737-d3c4-4ebe-9c1f-cd04b0f6c6e4&u_sclid=9c1b5a8e-2c71-401a-9cfd-3f04034a2ffa
Frame ID: 8432669B001A669EE2C069D64612177E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fgive.salvationarmyflorida.org
Frame ID: 207FC6C3710FD90A2AD9925788A8EACB
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html
Frame ID: 12EA0F1A9B45136EF226B08F60B01755
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-b6b287ad42c36594d4c8f2985f78eef8.html
Frame ID: DE7080F9298C86B654E0D184AAF5D4DE
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-8cc689a856a3bc3926f645f46674b564.html
Frame ID: 95031B92941B019977885C456F452AE6
Requests: 5 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 499C2398DE268036B62300F980B85958
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 99790D4E81B6E6A8731A2FF4427FD1D6
Requests: 15 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html
Frame ID: EA180BF3775C447627F21CBF14B86E9D
Requests: 19 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-b6b287ad42c36594d4c8f2985f78eef8.html
Frame ID: 103DFBAB5DD6E7BBB010DB29BEF3833A
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-8cc689a856a3bc3926f645f46674b564.html
Frame ID: 189090B41CE9ACB5BD3519CEA7C273B9
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 57A3DACAD6A5EE3C973CCB7E4C8A55AB
Requests: 15 HTTP requests in this frame

Frame: https://20841493p.rfihub.com/ca.html?ver=9&rb=46794&ca=20841493&_o=46794&_t=20841493&pe=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23%21%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&pf=&ra=12214400446620033
Frame ID: 3C6119149F98F11B7EAFF2D5B26A1846
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to The Salvation Army in Miami Fundraising Mail (TSM18aq)

Page URL History Show full URLs

http://give.salarmy-miami.org/ HTTP 301
https://give.salvationarmyflorida.org/give/180131/ Page URL

Detected technologies

Braintree (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.braintreegateway\.com

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

375
Requests

94 %
HTTPS

33 %
IPv6

75
Domains

103
Subdomains

90
IPs

8
Countries

4969 kB
Transfer

16895 kB
Size

106
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.classy.org/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/cookies/
Title: Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/copyright/
Title: DMCA Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://give.salarmy-miami.org/ HTTP 301
https://give.salvationarmyflorida.org/give/180131/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 82

https://cm.everesttech.net/cm/dd?d_uuid=60468439344711799202234423944978563302 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzTeYQAAAEMWnwN-

Request Chain 154

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=41959B8783124070AF494E5501044D1C&RedC=c.clarity.ms&MXFR=1579DB9FC15461150309C9B2C5546F7F HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=41959B8783124070AF494E5501044D1C&MUID=10FF6B6F259161FB0FB67942241A60D4

Request Chain 158

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=2884301915493456739

Request Chain 174

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=R5GfHRXHmhtckpxKQ5qBGxebnRtcwJUZF5tXVGUX

Request Chain 221

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=60468439344711799202234423944978563302&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-aXynnh1E2pFZ7HUWcMEr20bFLoUHhOYjmNc-~A

Request Chain 235

https://tags.wdsvc.net/controller.js?id=100423 HTTP 302
https://tags.wdsvc.net/container.js?id=100423&v=4.00&t=1664409186633

Request Chain 260

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXpUZVlRQUFBRU1XbndOLQ==

Request Chain 262

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YzTeYQAAAEMWnwN-&expires=90

Request Chain 291

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YzTeYQAAAEMWnwN- HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YzTeYQAAAEMWnwN-&C=1

Request Chain 299

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/980170053/?random=1524290118&cv=9&fst=1664409186641&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&auid=1671704503.1664409185&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Yt40Y7adKJDH1waj-ICIAg&sscte=1&crd=CJqqsQI&eitems=ChAI8OHPmQYQhbSF3fWfpZMtEh0AAfi3fBNQhyM5C5ICBVh5U48ZPw2vnylcftP0aQ&pscrd=Ek5DaEFJOE9IUG1RWVF2N0wzcTdiRHZ1UURFaVlBdEVfa2VlTFFLTENuMGNZVFliQU1HMWYtS1NIajdyYTAzZk52dmNMUnFRbk44OW04c1EaWkNoRUk4T0hQbVFZUXpwaXp5b2JncjZqakFSSXVBTGpvWGhNRXZXcV9CWHdIWGw4eS1vOVpLQ1poVXpEVEptZVA1SGloSmw4Q1NRcjJMeFlGNlNJOU90Mkh1QQ HTTP 302
https://www.google.com/pagead/1p-conversion/980170053/?random=1524290118&cv=9&fst=1664409186641&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&auid=1671704503.1664409185&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEFJOE9IUG1RWVF2N0wzcTdiRHZ1UURFaVlBdEVfa2VlTFFLTENuMGNZVFliQU1HMWYtS1NIajdyYTAzZk52dmNMUnFRbk44OW04c1EaWkNoRUk4T0hQbVFZUXpwaXp5b2JncjZqakFSSXVBTGpvWGhNRXZXcV9CWHdIWGw4eS1vOVpLQ1poVXpEVEptZVA1SGloSmw4Q1NRcjJMeFlGNlNJOU90Mkh1QQ&is_vtc=1&ocp_id=Yt40Y7adKJDH1waj-ICIAg&cid=CAQSKQCsnQUxavmCEC1HgLf4mZxiv248ciPCVii9wBjcbC8WVRujvhBco_byIBM&eitems=ChAI8OHPmQYQhbSF3fWfpZMtEh0AAfi3fKr3ULF5ApVEFlJkkU5A3KWVHH2TsNQU6w&random=1477087207&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/980170053/?random=1524290118&cv=9&fst=1664409186641&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&auid=1671704503.1664409185&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEFJOE9IUG1RWVF2N0wzcTdiRHZ1UURFaVlBdEVfa2VlTFFLTENuMGNZVFliQU1HMWYtS1NIajdyYTAzZk52dmNMUnFRbk44OW04c1EaWkNoRUk4T0hQbVFZUXpwaXp5b2JncjZqakFSSXVBTGpvWGhNRXZXcV9CWHdIWGw4eS1vOVpLQ1poVXpEVEptZVA1SGloSmw4Q1NRcjJMeFlGNlNJOU90Mkh1QQ&is_vtc=1&ocp_id=Yt40Y7adKJDH1waj-ICIAg&cid=CAQSKQCsnQUxavmCEC1HgLf4mZxiv248ciPCVii9wBjcbC8WVRujvhBco_byIBM&eitems=ChAI8OHPmQYQhbSF3fWfpZMtEh0AAfi3fKr3ULF5ApVEFlJkkU5A3KWVHH2TsNQU6w&random=1477087207&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hCo9cLSeFOCvB6lawr5Hpm5a5lf_BUjJSaiVM0oMpGG37c3PRB0ye9tNbc2m9H-HvKX6goiC33ObYnsU4sqyFCW

Request Chain 309

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YzTeYQAAAEMWnwN- HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYzTeYQAAAEMWnwN-

Request Chain 335

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YzTeYQAAAEMWnwN-

Request Chain 337

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YzTeYQAAAEMWnwN-

Request Chain 340

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YzTeYQAAAEMWnwN-&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YzTeYQAAAEMWnwN-&img=1&__user_check__=1&sync_id=b328b427-3f88-11ed-ad45-14e583300206

Request Chain 341

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YzTeYQAAAEMWnwN-&t=2592000&o=0

Request Chain 346

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzNDQ1NTQxOTMyNjE0MzgxMg==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOObIUedsd3Id4dY2FTHhpY&google_cver=1

Request Chain 350

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5134455419326143812&bid=omt9pi0

Request Chain 353

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455419326143812&referrer=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23%21%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=89842490-7275-41ed-bd68-96d4d4588b1e%3A1664409188.058233&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D89842490-7275-41ed-bd68-96d4d4588b1e%253A1664409188.058233 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=89842490-7275-41ed-bd68-96d4d4588b1e%3A1664409188.058233

Request Chain 362

https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455419326143812&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5134455419326143812&expires=30

Request Chain 363

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=YzTeYQAAAEMWnwN-

375 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
give.salvationarmyflorida.org/give/180131/
Redirect Chain

http://give.salarmy-miami.org/
https://give.salvationarmyflorida.org/give/180131/

83 KB
24 KB

1497ms
1197ms

Document
text/html

2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

553ab8953c01e9e4fe0becc8f65e2773beb7f562ac053f0745236a0954b9d285

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7520656d592dbbb6-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=utf-8
date: Wed, 28 Sep 2022 23:53:03 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: no-store, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 143
Content-Type: text/html
Date: Wed, 28 Sep 2022 23:53:01 GMT
ER-Request-ID: 89f129026c7a84be131e8b86084c8197
ER-Rule-Id: r-7ec97714-c00c-41e4-9108-3389b2677167
Location: https://give.salvationarmyflorida.org/give/180131/#!/donation/checkout?c_src=23ddjmadmfftdpr005&c_src2=tsm_23_dm_acquisition&utm_source=tsm-705&utm_medium=23ddjmadmfftdpr005&utm_campaign=dm_acquisition
Pragma: no-cache
Server: EasyRedir
X-Content-Type-Options: nosniff

GET
H2 200 main.css
prod-frs.content.classy.org/prod/17079/static/frs/ 1 MB
140 KB 104ms
43ms Stylesheet
text/css 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17079/static/frs/main.css

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b48e30990ffeb08fe0906ffc30bc878dfd5f68fcec4c323d7e74e6ccca6a946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YBG6F2M1JNX0P3MD
age: 82830
cf-polished: origSize=1100408
x-amz-id-2: h2U4qXtvu9XMF42n5uPzaBmyrPoF5UYvFnBgK4ZePhdgrEwdYYcd5NRUfk6xizkQWz6qtiIq3+w=
cf-bgj: minify
last-modified: Thu, 22 Sep 2022 22:02:43 GMT
server: cloudflare
etag: W/"c269146a3fab82b793f34c6362321b7a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 752065756a42bbb6-FRA

GET
H2 200 ddplugin.css
doublethedonation.com/api/css/ 148 KB
20 KB 481ms
219ms Stylesheet
text/css 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/css/ddplugin.css
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: f29284391b13047f31dca4a8517dbad440d7c6172031241515f30b4527c4a3cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:03 GMT
content-encoding: br
last-modified: Wed, 28 Sep 2022 17:22:19 GMT
server: nginx
etag: "633482cb-50af"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=600;
content-length: 20655

GET
H2 200 rocket-loader.min.js Show response
give.salvationarmyflorida.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 26ms
26ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyflorida.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/give/180131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 26 Sep 2022 11:11:52 GMT
server: cloudflare
content-encoding: gzip
etag: W/"633188f8-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 752065757a51bbb6-FRA
expires: Fri, 30 Sep 2022 23:53:03 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 108ms
51ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://give.salvationarmyflorida.org/
Origin: https://give.salvationarmyflorida.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:03 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 75206575dc84906c-FRA

GET
H2 200 onetrustConsent-1539020710655.js Show response
prod-frs.content.classy.org/prod/17079/static/onetrust/ 50 KB
12 KB 46ms
44ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17079/static/onetrust/onetrustConsent-1539020710655.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 9ZXB4N6428DW7PXE
age: 81938
cf-polished: origSize=54583
x-amz-id-2: isV7SPQ8z+5hBdUuoJ9CoWnMR4fLZlCsS+I6+7CblRIFbj9sUSaOq6yDXeLwKETARtI0OfFCO+Q=
cf-bgj: minify
last-modified: Thu, 22 Sep 2022 22:02:44 GMT
server: cloudflare
etag: W/"64c3a4446a1c238c4df7f2db78163772"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 752065781d0abbb6-FRA

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ 17 KB
5 KB 587ms
145ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9e6ee5d369e4fea8821fd34d180c466fbf6bb9ca6a91f1488edc024bd6a2c4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:04 GMT
last-modified: Tue, 06 Sep 2022 15:29:51 GMT
etag: "804175815c2d81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4497
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 7 KB
3 KB 82ms
30ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:04 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8435758
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01G67V9K562FN8335THGH14DEN-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 752065786fe2bba1-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/17079/static/frs/donation/ 181 KB
37 KB 44ms
43ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17079/static/frs/donation/module.min.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9228cacf02a63154bc12fc359842dc781d9af40a47a73553226ccb8a47747d68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 22:02:43 GMT
server: cloudflare
x-amz-request-id: ME7GCKEBRAMT7N0B
age: 81938
etag: W/"f9ad5fe4f4f0217bd14dd040bd2989b1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 752065781d0dbbb6-FRA
x-amz-id-2: 2/gguDjWWyGv5xIyWIvu9b+K3++xb+KInC3aF0hzsT+RnlGgE7v1dOxb934s6VTS6wbm9K7hrnY=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/17079/static/global/ 2 MB
361 KB 50ms
49ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17079/static/global/module.min.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9385524dae00056fd7eab065c6c8685e1e6ffc69a9741435ddd6f41f404f98c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 22:02:44 GMT
server: cloudflare
x-amz-request-id: 6FXQVGJB1KJF7VSA
age: 81938
etag: W/"6733ce34991934f4cfc47eb3834159ac"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 752065781d11bbb6-FRA
x-amz-id-2: rk5ugirO/zsz49YNcRPqbO9HwgPA0F1R58zhxniWz2TIIQP2NgRwNU813gp4yfpoYnCT7LeQ0Lg=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/17079/static/global/ 1 MB
430 KB 46ms
45ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17079/static/global/libs.min.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 22:02:43 GMT
server: cloudflare
x-amz-request-id: ME7SZ0MWC9A993TD
age: 82089
etag: W/"772e1301b871cc2545926cb86ee5965f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 752065781d12bbb6-FRA
x-amz-id-2: uX6mFFnTfhDz9d7G8r7wR9xPfnPexI/T5/a/qoSv7+mPWp8GIrOmcX/5Y3Qk7qQU86pzvw2MPDk=

GET
H2 200 braintree.js Show response
js.braintreegateway.com/v2/ 175 KB
50 KB 93ms
25ms Script
application/javascript 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/v2/braintree.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-28.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

2f57fab97c15bf3519176fcd494f12d36d24ca3d761a787a1e66a1058bc6b30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
date: Wed, 28 Sep 2022 18:20:09 GMT
last-modified: Wed, 14 Sep 2022 16:50:48 GMT
server: nginx
x-amz-cf-pop: FRA56-P4
age: 19975
etag: W/"63220668-2bc3c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: flSwiZpv1PH-jpolx_Iw7rlYTPstJLlYT2nPyPBDk3jcqO65GJMprw==
expires: Thu, 29 Sep 2022 18:20:09 GMT

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 95 KB
32 KB 109ms
50ms Script
application/javascript 13.32.121.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-61.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 644b1dc128aeb5f8fc32da99fc12116c891511b0f04acb8c147875282e876992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:24:51 GMT
x-amz-version-id: iOpWENFIxjsDS7wPTwgCb5GYPtvKbi.t
content-encoding: gzip
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-request-id: VPP6RN14FVRYB28A
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
age: 8894
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: PaOqZFYmVgZqM4g5+AH9Z/hu53amvyZ/++yDB1LBAVl6v0Gx6B+TqlDQ5p9qmm0Cs/zQYA0zkd8=
last-modified: Wed, 28 Sep 2022 20:11:46 GMT
server: AmazonS3
etag: W/"e09d391852798023766bda3e88610f6d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: Zf8y9bUQgfgTSQZ29plxk4vw1A7LO2TVR3t6jfpnIdtcV-LDdlR_kA==

GET
H2 200 / Show response
js.stripe.com/v3/ 349 KB
84 KB 87ms
23ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

636eb1e207d7c0ca123d2fd6818af868e12084214b0cc3c73230e576ca513431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:04 GMT
via: 1.1 varnish
age: 24
x-cache: HIT
content-length: 86008
x-request-id: 68dd460d-40ed-4154-8d99-e23d86aaba10
x-served-by: cache-hhn4036-HHN
last-modified: Wed, 28 Sep 2022 20:24:28 GMT
server: Fastly
etag: "39f0ce72129a72df5de02092c58e8fe5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 ddplugin.js Show response
doublethedonation.com/api/js/ 425 KB
91 KB 113ms
112ms Script
text/javascript 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/js/ddplugin.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 787ba1fcfe12a6c706bd6add0f869e9b6c72003a53dc6d603362cc13cc5d4579

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:04 GMT
content-encoding: br
last-modified: Wed, 28 Sep 2022 17:22:17 GMT
server: nginx
etag: "633482c9-169ca"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=600;
content-length: 92618

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 77ms
22ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:15:57 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 2227
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Thu, 29 Sep 2022 01:15:57 GMT

GET
H2 200 heap-1566116007.js Show response
cdn.heapanalytics.com/js/ 118 KB
46 KB 102ms
30ms Script
application/javascript 13.32.121.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1566116007.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-41.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

47a91c17a8c9a557a43954a338ef035d85b7b7987a1db27aca930b1fbaa88674

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:51:32 GMT
content-encoding: gzip
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: FRA60-P1
age: 92
etag: W/"1d6c6-azBT/NxrdnHQiN/iUuU0BA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -pQ5SCl3GAgw72a7GWEaeUMd1PnrDixqAHakEtGhZo1413MyfSEjxg==

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 221ms
167ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://give.salvationarmyflorida.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 28 Sep 2022 23:53:04 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
141 B 248ms
247ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Referer: https://give.salvationarmyflorida.org/
Bugsnag-Sent-At: 2022-09-28T23:53:04.278Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 28 Sep 2022 23:53:04 GMT
via: 1.1 google
bugsnag-session-uuid: 33cdf6b9-33e8-4cdb-8c16-bd7b985e56da
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 597 KB
151 KB 137ms
86ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PMXWH57

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0921dcacbadd3da3a6827da2daf7778177e20fe25af058889961bb6aafefc7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154551
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 23:15:40 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Sep 2022 23:53:04 GMT

GET
H2 200 sdk.js Show response
give.salvationarmyflorida.org/sso/ 21 KB
6 KB 542ms
542ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyflorida.org/sso/sdk.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

8040ffcde69d17a00a842c01c1c872ab513ebb920c6a74033f852180226178d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/give/180131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 28 Sep 2022 23:53:04 GMT
server: cloudflare
x-powered-by: PHP/7.4.30
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 75206579ff09bbb6-FRA
expires: Thu, 29 Sep 2022 00:13:04 GMT

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1396/ 0
43 KB 26ms
26ms Other
application/javascript 13.32.121.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1396/link-dynamic-loader.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-61.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:24:52 GMT
x-amz-version-id: .EGAV_ZUU5pG9pC21Df0XwExr1rwq8Ga
content-encoding: gzip
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 8893
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 28 Sep 2022 20:11:46 GMT
server: AmazonS3
etag: W/"c986e669d0c62d90df6a579f4d8e559d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800
x-amz-cf-id: XySa0DKHarp6HP7WFnLtdyCL0ucXkOCCR9vkRMftcpielt3yhsxWwQ==

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 3 KB
2 KB 618ms
159ms XHR
application/json 54.77.143.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=20A0289659302A7E0A495D28%40AdobeOrg&d_nsid=0&ts=1664409184531

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.143.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-129.eu-west-1.compute.amazonaws.com

Software

Resource Hash

db2cc14adb7e3abc4da916f97a6c7124de71a6bb166d01f71926b64f7886c690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v043-09c87a010.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: hVwJ1xLxQ0o=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://give.salvationarmyflorida.org
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1187
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 76ms
30ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=245688401&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&ul=en-us&de=UTF-8&dt=The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=gtm.js&ea=gtm.js&el=give.salvationarmyflorida.org&ev=0&_u=aGDACEABBAAAAC~&jid=2054193846&gjid=1286389418&cid=1646469969.1664409184&tid=UA-51388709-1&_gid=1141622534.1664409184&_r=1&gtm=2wg9q0PMXWH57&z=99718649

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.salvationarmyflorida.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
19 KB 68ms
22ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:15:57 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 2227
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Thu, 29 Sep 2022 01:15:57 GMT

GET
H2 200 ActivityServer.bs Show response
bs.serving-sys.com/Serving/ 1 KB
1 KB 124ms
28ms Script
text/html 52.29.114.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/ActivityServer.bs?cn=as&ActivityID=550371&rnd=300377.8011465648&UniqueDonorID=undefined&ZipCode=undefined&NewDonor=[NewDonor]&Revenue=undefined&Territory=[Territory]
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.114.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-114-196.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f7cde63eb9717e62947cafa990292ad5bcc4969e19ab847887f11ad9237511c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:04 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 645
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

56 KB
15 KB

22ms
22ms

Script
application/javascript

199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Protocol: H2
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15317
x-served-by: cache-iad-kcgs7200168-IAD, cache-hhn11546-HHN

Redirect headers

Date: Wed, 28 Sep 2022 23:53:04 GMT
Server: ECS (frb/67DF)
x-tw-cdn: VZ
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Location: https://static.ads-twitter.com/oct.js
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= ,x-tw-cdn;desc=,edge;dur=1
Content-Length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 82ms
39ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-827406829

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50d9b036bbed2d99a2277ca6a7afb4a3fd052126f7d1174949a43a2582d9853d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62716
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 23:15:40 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Sep 2022 23:53:04 GMT

GET
H/1.1 200
OK last-event-tag-latest.min.js Show response
www.everestjs.net/static/le/ 7 KB
3 KB 76ms
22ms Script
application/javascript 96.16.147.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.147.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-147-243.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Date: Wed, 28 Sep 2022 23:53:04 GMT
Last-Modified: Wed, 16 Jun 2021 15:18:41 GMT
Server: AmazonS3
x-amz-request-id: R6X1Z4GZMHQJ34R0
ETag: "d5991c18a0042eb33f92c6b5b44ffe8d"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2663
x-amz-id-2: jm8UZxXlNwBRe5MV76nXmfeJxyOsHxAxlRqx4Yx6Lk22skfaD1o6r2gLlsQkG8CibRTuc9Pz10M=

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 83ms
22ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:04 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15317
x-served-by: cache-iad-kcgs7200095-IAD, cache-hhn11546-HHN

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 107ms
46ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 28 Sep 2022 23:53:04 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 16E694CB45C94D5092A6467116AB64ED Ref B: FRA31EDGE0219 Ref C: 2022-09-28T23:53:04Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 232ms
130ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CA37NVJC77U7GNSUJLA0&lib=ttq
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c34e0ccac39f295282fae930dbfb43da8880bd6c08ad34142458d36f13e98627

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-akamai-request-id: 152c659b
date: Wed, 28 Sep 2022 23:53:04 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3.965-44275585) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=104
content-length: 1197
pragma: no-cache
server: nginx
x-tt-logid: 2022092823530430595B957B8D8B28C264
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 104,23.36.161.200
x-tt-trace-host: 016d77b26dd86e25531c9e1cdefa978aa407e4a87f24cdfad412295e7d664a183931b6d447c00968001f961b51d051fac466dc14ab5996830f2455765b1b3b9b25879e789acbadbea434266fa110d1b07b
expires: Wed, 28 Sep 2022 23:53:04 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 25 KB
9 KB 91ms
35ms Script
application/javascript 52.222.225.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.225.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-225-250.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 6533db921fa04e1546686ca9111f2cc38032b09365026cf886e3b4d8f58020d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:04 GMT
content-encoding: gzip
via: 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P4
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 8757
x-amz-cf-id: lpYKBhvVXgWZsZi4fIjZpKkWjD2Dio3Yyq56v0Y9u0JnkC3GsViv2Q==

GET
H2 200 m-outer-557bf11dc87834b2929d6e0c94d567e3.html Show response
js.stripe.com/v3/ Frame 8175 186 B
774 B 24ms
23ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-557bf11dc87834b2929d6e0c94d567e3.html

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4c9c37b8ccb84e7dd5383101a8d15530b184444e84fa287dcda321e0f874442f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmyflorida.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 16802
cache-control: max-age=31536000
content-encoding: br
content-length: 114
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 28 Sep 2022 23:53:04 GMT
etag: "557bf11dc87834b2929d6e0c94d567e3"
last-modified: Wed, 28 Sep 2022 19:11:41 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 5793
x-content-type-options: nosniff
x-request-id: 74e6e12a-fcab-4c9a-92c7-c0ed79e56d27
x-served-by: cache-hhn4036-HHN

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
18 KB 84ms
22ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Sep 2022 23:53:04 GMT
x-amz-request-id: G3KFPVCN8YNTXH50
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18216
x-amz-id-2: tAu6Bn1ZIXl3oOFdA99wBbvl4B5k9x4HUuY+yHxi1gSDuAiQ8dsY6p1L2pd/4eB409hsM7w2iD8=
x-served-by: cache-hhn4028-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1664409185.669005,VS0,VE0
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3380

GET
H2 200 optanon.css
prod-frs.content.classy.org/prod/17079/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/ 22 KB
6 KB 38ms
38ms Stylesheet
text/css 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17079/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: HAHQP8PRER5GHAW9
age: 83234
cf-polished: origSize=22581
x-amz-id-2: hHfdYo8Baf+ni2NgN/W9so5Anyh45Fbnb/dGpFDqUm36/I2X5EI6AxrQOEjh8iBrwvl45ld6PWg=
cf-bgj: minify
last-modified: Thu, 22 Sep 2022 22:02:44 GMT
server: cloudflare
etag: W/"5ec3a032a0370bd8e3f63adf430b4617"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 7520657bc907bbb6-FRA

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
183 B 145ms
99ms Script
text/javascript 2606:4700:4400::ac40:929e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery32108643364701375644_1664409184192&_=1664409184193

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7520657c18b7bb91-FRA
content-length: 32
vary: Accept-Encoding
content-type: text/javascript

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 75ms
21ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BD) /
Resource Hash: 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 23:53:04 GMT
Content-Encoding: gzip
Age: 1058
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29223
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
Server: ECS (frb/67BD)
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 344ms
42ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

930bb849a34c23019835428b195cd0b34075a59feb0398ddf30f9ddd12e8a265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 28 Sep 2022 23:53:05 GMT

POST
H2 200 rum Show response
give.salvationarmyflorida.org/cdn-cgi/ 0
200 B 33ms
33ms XHR
text/plain 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyflorida.org/cdn-cgi/rum?

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-f7e5c6f68d5bc6a2----1664409184817
traceparent: 00-630bea4c31e4fbd0857521935849971b-f7e5c6f68d5bc6a2-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmN2U1YzZmNjhkNWJjNmEyIiwidHIiOiI2MzBiZWE0YzMxZTRmYmQwODU3NTIxOTM1ODQ5OTcxYiIsInRpIjoxNjY0NDA5MTg0ODE3fX0=
content-type: application/json
Referer: https://give.salvationarmyflorida.org/give/180131/

Response headers

date: Wed, 28 Sep 2022 23:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://give.salvationarmyflorida.org
content-type: text/plain
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7520657d2abdbbb6-FRA

GET
H2 200 tax-entities Show response
give.salvationarmyflorida.org/frs-api/organizations/50858/ 397 B
316 B 470ms
470ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyflorida.org/frs-api/organizations/50858/tax-entities

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e430b6b69f8f513325bc9615e3b6da1814c5ec33b3fa105a64c72d7be23c3c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 3w9cKleC-BY7XRG0y6CaxikT8--IgICicch0
tracestate: 423787@nr=0-1-423787-363751183-a5f28786a71d6431----1664409184821
traceparent: 00-851c0500985dd904d3464aa931bb4e0c-a5f28786a71d6431-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhNWYyODc4NmE3MWQ2NDMxIiwidHIiOiI4NTFjMDUwMDk4NWRkOTA0ZDM0NjRhYTkzMWJiNGUwYyIsInRpIjoxNjY0NDA5MTg0ODIxfX0=
Accept: application/json, text/plain, */*
csrf-token: 3w9cKleC-BY7XRG0y6CaxikT8--IgICicch0
Referer: https://give.salvationarmyflorida.org/give/180131/

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"18d-iUMlMozMDJTX+oY5zCxd6xJahkY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7520657d2ac2bbb6-FRA

GET
H2 200 market-data Show response
give.salvationarmyflorida.org/frs-api/crypto-giving/BTC/USD/ 35 B
122 B 430ms
430ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyflorida.org/frs-api/crypto-giving/BTC/USD/market-data

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d79131e9ac578c067846f3a8b9c4b24408d9556fe4dccbac6684806095846c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 3w9cKleC-BY7XRG0y6CaxikT8--IgICicch0
tracestate: 423787@nr=0-1-423787-363751183-0159e0af90e7b21c----1664409184871
traceparent: 00-15c5c22cf53b0f7db704f2bc5b3763a3-0159e0af90e7b21c-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIwMTU5ZTBhZjkwZTdiMjFjIiwidHIiOiIxNWM1YzIyY2Y1M2IwZjdkYjcwNGYyYmM1YjM3NjNhMyIsInRpIjoxNjY0NDA5MTg0ODcxfX0=
Accept: application/json, text/plain, */*
csrf-token: 3w9cKleC-BY7XRG0y6CaxikT8--IgICicch0
Referer: https://give.salvationarmyflorida.org/give/180131/

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"23-22CzkPFKv4XQlU8SJ6cjai11cv8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 7520657d7b2ebbb6-FRA
content-length: 35

GET
H2 200 channels Show response
give.salvationarmyflorida.org/frs-api/campaigns/180131/ 786 B
1011 B 491ms
490ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyflorida.org/frs-api/campaigns/180131/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08fe8d0acad648eb24d411f760eebad8e0cfc0f07895da4b3de3953418f0d444

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 3w9cKleC-BY7XRG0y6CaxikT8--IgICicch0
tracestate: 423787@nr=0-1-423787-363751183-0853663e5bb676e3----1664409184872
traceparent: 00-b7cba57e12c8eb35a1967abbd207b0da-0853663e5bb676e3-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIwODUzNjYzZTViYjY3NmUzIiwidHIiOiJiN2NiYTU3ZTEyYzhlYjM1YTE5NjdhYmJkMjA3YjBkYSIsInRpIjoxNjY0NDA5MTg0ODcyfX0=
Accept: application/json, text/plain, */*
csrf-token: 3w9cKleC-BY7XRG0y6CaxikT8--IgICicch0
Referer: https://give.salvationarmyflorida.org/give/180131/

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"312-epLG6DyiKZ8PDt86pSfyLhXr0WE"
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=oWNCAoSmR94KQ9N5YfOa5nQ2_9kxn7uiGJwf2Xn.ijk-1664409185-0-AX5skHk9BZN4KvG0wd9ubyV1LzTTxDwin_C7zfZjr9Dz5m2NFpdgCUmqKaanN1Veyzq9RySY-UBOBYcEsp_Ya6SCoHghP4YR9UtFAnJj5T4K; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=oWNCAoSmR94KQ9N5YfOa5nQ2_9kxn7uiGJwf2Xn.ijk-1664409185-0-AX5skHk9BZN4KvG0wd9ubyV1LzTTxDwin_C7zfZjr9Dz5m2NFpdgCUmqKaanN1Veyzq9RySY-UBOBYcEsp_Ya6SCoHghP4YR9UtFAnJj5T4K"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7520657d7b32bbb6-FRA

GET
H2 200 ach-account-routing Show response
give.salvationarmyflorida.org/frs-api/organizations/50858/ 33 B
167 B 465ms
464ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyflorida.org/frs-api/organizations/50858/ach-account-routing

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 3w9cKleC-BY7XRG0y6CaxikT8--IgICicch0
tracestate: 423787@nr=0-1-423787-363751183-c42ec0e83fe687fd----1664409184873
traceparent: 00-0ad3ef0d6d91e1d4458840b05a19b608-c42ec0e83fe687fd-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjNDJlYzBlODNmZTY4N2ZkIiwidHIiOiIwYWQzZWYwZDZkOTFlMWQ0NDU4ODQwYjA1YTE5YjYwOCIsInRpIjoxNjY0NDA5MTg0ODczfX0=
Accept: application/json, text/plain, */*
csrf-token: 3w9cKleC-BY7XRG0y6CaxikT8--IgICicch0
Referer: https://give.salvationarmyflorida.org/give/180131/

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7520657d8b36bbb6-FRA
content-length: 33

GET
H2 200 paypal Show response
pay.classy.org/token/ 124 B
766 B 616ms
559ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/paypal?applicationId=8260&currency=USD

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97689e6fecb2083b96992c7b895666eb5dc55b74c671f8b2f32158d46458659f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
via: 1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP63-P4
x-cache: Miss from cloudfront
x-classypay-requestid: 346d4157-4f80-44a4-9eb8-922f97088572
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7520657e0d259bef-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: m-vsZar6TCJrY_LELOX3BtCffC3t_fkhlMHxczLKrxW7sk8qHD8H7A==

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
461 B 619ms
563ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=8260&currency=USD

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
via: 1.1 cb7980ab2017aee51ecce59a2678b358.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP63-P4
x-cache: Miss from cloudfront
x-classypay-requestid: 21952575-5a0e-4800-9853-8521d9afe2fd
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7520657e0d269bef-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: HJuymflxPG8et8KqkZDZArXrQbyeGN_tE7TbnBrgVJ_PARX9bJA2Pg==

GET
H2 200 d7993690-346d-11ed-aef7-0a58a9feac02.jpg
assets.classy.org/5866174/ 45 KB
45 KB 600ms
591ms Image
image/jpeg 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/5866174/d7993690-346d-11ed-aef7-0a58a9feac02.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a85736ae01bf35217a144d9ed1eb90d5156892daa52975c7f92da0c72a9f3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: aEMGHo0rw_BYWW_6fI7FREhwJFw83Av5
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: FAILED
content-length: 45945
last-modified: Wed, 14 Sep 2022 20:43:10 GMT
server: cloudflare
etag: "3a09ef9e64c9161f865e79af1aa4581d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 7520657e0bd7bbb6-FRA
x-amz-cf-id: sjx5C7mWi8slFMQuo62E2xUBHJBnnpWa8Hvlo2D0-mltvqL440nylA==

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/17079/static/global/fonts/ 42 KB
43 KB 560ms
513ms Font
application/x-font-woff 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17079/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/17079/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae4cf8bf18ec6adf0aa481a46ceb0522b40b2e065be1a8e09a7626f7771f726a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/17079/static/frs/main.css
Origin: https://give.salvationarmyflorida.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-amz-request-id: TM4C890KKEMBCDYQ
content-length: 43184
x-amz-id-2: bUDw/26XyQd2pnPSiw4+7iHBMApmnnY62F8Q/Sgp824p/4wEh8TiqPg1OxnSkMgRQem7kjjd7Lc=
last-modified: Thu, 22 Sep 2022 22:02:43 GMT
server: cloudflare
etag: "ba98e28f1b3fc991e4367ce777c281ea"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7520657e4b159137-FRA

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/17079/static/fonts/ 65 KB
66 KB 665ms
618ms Font
binary/octet-stream 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17079/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/17079/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/17079/static/frs/main.css
Origin: https://give.salvationarmyflorida.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-amz-request-id: TM46QCT7DRDDKS8S
content-length: 66624
x-amz-id-2: c/3NFySlWtDkrPMTuDkW2w0qTXQ7lNH90MOYtSYKcZolYlwnNs8MPVLeiEwgUEu9N5+KKsaThf8=
last-modified: Thu, 22 Sep 2022 22:02:43 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7520657e4b169137-FRA

GET
H2 200 designations Show response
give.salvationarmyflorida.org/frs-api/campaign/180131/ 1 KB
1 KB 478ms
477ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyflorida.org/frs-api/campaign/180131/designations?per_page=100

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c186b181c2b304128e01a79f168877266264a92db74fc6ef703e1e514e0f492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 3w9cKleC-BY7XRG0y6CaxikT8--IgICicch0
tracestate: 423787@nr=0-1-423787-363751183-c0680a2865ffad3a----1664409185024
traceparent: 00-87a64848c0063ac53fb70b2a27b67d69-c0680a2865ffad3a-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjMDY4MGEyODY1ZmZhZDNhIiwidHIiOiI4N2E2NDg0OGMwMDYzYWM1M2ZiNzBiMmEyN2I2N2Q2OSIsInRpIjoxNjY0NDA5MTg1MDI0fX0=
Accept: application/json, text/plain, */*
csrf-token: 3w9cKleC-BY7XRG0y6CaxikT8--IgICicch0
Referer: https://give.salvationarmyflorida.org/give/180131/

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"429-B2v8pRnUtOIKxuZlqz5LTBXtSvY"
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=UZmTZvBDijK_Q7XNAmm1E.dnkSjNfzTlhz9JYHKeJqE-1664409185-0-ATjsWv-2BKDY0G8BbiPIotNWEOPO6mcJk7pSEqlWZoy8mtdeOvB7j6D0cY6XmpRoclddoTD969llK1CPg8K8RAp-abrp6TF0r-oHiTrgIGEF; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=UZmTZvBDijK_Q7XNAmm1E.dnkSjNfzTlhz9JYHKeJqE-1664409185-0-ATjsWv-2BKDY0G8BbiPIotNWEOPO6mcJk7pSEqlWZoy8mtdeOvB7j6D0cY6XmpRoclddoTD969llK1CPg8K8RAp-abrp6TF0r-oHiTrgIGEF"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7520657e7c5cbbb6-FRA

GET
H2 200 designations Show response
give.salvationarmyflorida.org/frs-api/campaigns/180131/ 1 KB
631 B 192ms
192ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyflorida.org/frs-api/campaigns/180131/designations?filter=id%3D58077

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2a360b3b601dc2320b746b3edd56cf39dc7befe2d1c01bce5e422c01068b52f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 3w9cKleC-BY7XRG0y6CaxikT8--IgICicch0
tracestate: 423787@nr=0-1-423787-363751183-5b36b90fdf308f57----1664409185025
traceparent: 00-90de5fda63f88a9e0b6f40cde17c6272-5b36b90fdf308f57-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI1YjM2YjkwZmRmMzA4ZjU3IiwidHIiOiI5MGRlNWZkYTYzZjg4YTllMGI2ZjQwY2RlMTdjNjI3MiIsInRpIjoxNjY0NDA5MTg1MDI1fX0=
Accept: application/json, text/plain, */*
csrf-token: 3w9cKleC-BY7XRG0y6CaxikT8--IgICicch0
Referer: https://give.salvationarmyflorida.org/give/180131/

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"422-rYscGCjRcqv69H2kUi8wED/LhSU"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7520657e7c5dbbb6-FRA

GET
H2 200 braintree Show response
pay.classy.org/token/ 3 KB
3 KB 1127ms
1127ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/braintree?applicationId=8260&currency=EUR

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcf704e1d70fcb7c71ff20dc971bf44e5cf80095feabf3fd0d9fe138a17c7571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 10ddc9a187df686a95382358dc4e78d4.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP63-P4
x-cache: Miss from cloudfront
x-classypay-requestid: f52a1e0c-e301-4714-b19f-55206795ff7b
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7520657ecdf59bef-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: 5FJ_67jXD_OcW2yOhGP4ZlX93Lc5oy73P-zVNIk-JpWIaWjg3vH3GA==

GET
H2 200 currency-conversions Show response
give.salvationarmyflorida.org/frs-api/i18n/ 75 B
255 B 482ms
482ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyflorida.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d9811626c38bc96c05f842d65a1a598d62ce137b8182d61a2d8ee3c3d21adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 3w9cKleC-BY7XRG0y6CaxikT8--IgICicch0
tracestate: 423787@nr=0-1-423787-363751183-bd4b5a4d07ddbff7----1664409185092
traceparent: 00-1ed88bbf37ee7a7a06c305e3282f821d-bd4b5a4d07ddbff7-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiZDRiNWE0ZDA3ZGRiZmY3IiwidHIiOiIxZWQ4OGJiZjM3ZWU3YTdhMDZjMzA1ZTMyODJmODIxZCIsInRpIjoxNjY0NDA5MTg1MDkyfX0=
Accept: application/json, text/plain, */*
csrf-token: 3w9cKleC-BY7XRG0y6CaxikT8--IgICicch0
Referer: https://give.salvationarmyflorida.org/give/180131/

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"4b-di2kz2uJB/qItBeUZAk5ePssoJQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7520657edce1bbb6-FRA

GET
H2 200 user-icon.png
give.salvationarmyflorida.org/static/global/images/ 4 KB
5 KB 433ms
431ms Image
image/png 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.salvationarmyflorida.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcdc7148d1f31a3d06cff6b52d1064cb1a0dca292ccd80e3d8c52b1bf5330440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/give/180131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=iI4kqKYYsfPfkGh.eaT_7.Bry.CLA_QCqPAfx3RsWg4-1664409185-0-AfHoj3wGnwwgHeSwOzcrOK-5Jk_WX3sk8WopkfvAr-03z8pET0Le5gFSdBPBBVIcL6kNRf2bt8HaHI1UZZkwjzZT5E2_N6Rm_kuFzNqP1CtB; report-to cf-csp-endpoint
content-length: 4588
last-modified: Thu, 22 Sep 2022 21:59:44 GMT
server: cloudflare
etag: "632cdad0-11ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=iI4kqKYYsfPfkGh.eaT_7.Bry.CLA_QCqPAfx3RsWg4-1664409185-0-AfHoj3wGnwwgHeSwOzcrOK-5Jk_WX3sk8WopkfvAr-03z8pET0Le5gFSdBPBBVIcL6kNRf2bt8HaHI1UZZkwjzZT5E2_N6Rm_kuFzNqP1CtB"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7520657eece9bbb6-FRA
expires: Thu, 28 Sep 2023 23:53:05 GMT

GET
H2 200 7767083e-433f-11e8-9454-0e536837d064.jpg
assets.classy.org/6776768/ 27 KB
28 KB 73ms
71ms Image
image/jpeg 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/6776768/7767083e-433f-11e8-9454-0e536837d064.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46d008a3c28d1a168a199b3c2843b22398d629515a5bd302b8bada42edd1dcda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: LaRy189MYE22osdAnxKUhpw9aoZnXb4W
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 27968
last-modified: Wed, 18 Apr 2018 19:34:11 GMT
server: cloudflare
etag: "e645c0893b3fc84db1660e352a3d715f"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 7520657eecedbbb6-FRA
x-amz-cf-id: R97qpm0vfOyLQ8ePadEp2Rdr9qdKO5Y5DFqRPHdnFoXbJG4GVwo3uw==

GET
H2 200 363d4fa4-433e-11e8-ab71-0671446722b6.png
assets.classy.org/6776768/ 8 KB
9 KB 61ms
60ms Image
image/png 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/6776768/363d4fa4-433e-11e8-ab71-0671446722b6.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e92bdaec9274f58546aea96f3cb3307421079b45b906ce03059262c76dedbff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: Y94BaWJHXnhCIq3Qu6PiQMbBf79LJs0y
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 8624
last-modified: Wed, 18 Apr 2018 19:25:13 GMT
server: cloudflare
etag: "83a5481d8e2d8a273322bbbb995d0b1a"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 7520657eeceebbb6-FRA
x-amz-cf-id: hyznIKLJ8918OfWtHHJXkXZ663Y45EyGS9y7D5oppi-ZmUVhi15A1Q==

GET
H2 200 crypto-giving-coin-bitcoin.svg
prod-frs.content.classy.org/prod/17079/static/global/images/crypto-giving/ 1 KB
913 B 41ms
40ms Image
image/svg+xml 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17079/static/global/images/crypto-giving/crypto-giving-coin-bitcoin.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 22:02:43 GMT
server: cloudflare
x-amz-request-id: M8JXYYC47AJXZFPX
age: 81339
etag: W/"2861fb7a07b041686ba6360cf7908e28"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7520657eecefbbb6-FRA
x-amz-id-2: yu2YpXA8EJ850MUMlmqzevF6Dg6YHCpcxIyP5UoG+HDQlRS8oRxvriQtH802Mqa++FZ7L2sdVFI=

GET
H2 200 crypto-giving-coin-ethereum.svg
prod-frs.content.classy.org/prod/17079/static/global/images/crypto-giving/ 545 B
447 B 37ms
36ms Image
image/svg+xml 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17079/static/global/images/crypto-giving/crypto-giving-coin-ethereum.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 22:02:43 GMT
server: cloudflare
x-amz-request-id: 39BSWPYNR1FXNTB5
age: 74038
etag: W/"c8896ba26efa2a5d9aa1659b4aef1f00"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7520657eecf0bbb6-FRA
x-amz-id-2: rndTwe5hpJ/HmS4ugYG1+p9mtugpoF5WDlXKqW4IAZjz9i4zXCcKgqRaK51k9OYNMZB8vv2m/Q4=

GET
H2 200 crypto-giving-coin-usdc.svg
prod-frs.content.classy.org/prod/17079/static/global/images/crypto-giving/ 2 KB
1 KB 38ms
37ms Image
image/svg+xml 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17079/static/global/images/crypto-giving/crypto-giving-coin-usdc.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 22:02:43 GMT
server: cloudflare
x-amz-request-id: 39BSJ54GXHM6E9WD
age: 74033
etag: W/"120e9a5c0d8ae8e313213cbb2284cafe"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7520657eecf1bbb6-FRA
x-amz-id-2: BLCY1mpYaOE0mIKfqrjABplSq6LYS/f/wrZgO+GDuDblxpvPY2Q2GTe/pmF4D1dcdYLbBQjOZKg=

GET
H2 200 crypto-giving-arrows.svg
prod-frs.content.classy.org/prod/17079/static/global/images/crypto-giving/ 453 B
499 B 40ms
39ms Image
image/svg+xml 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17079/static/global/images/crypto-giving/crypto-giving-arrows.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 22:02:43 GMT
server: cloudflare
x-amz-request-id: 39BS08JFD3QCE0X7
age: 73500
etag: W/"332ba480e7dc5a9687ededc7c4333e80"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7520657eecf3bbb6-FRA
x-amz-id-2: 42G2Rw8BtLRz6VwFMm6qYNFeRq1eLBeDJWDfsYPqnJmyadiMAwDUUN6Bdw6xRQhOXq5O+N3w1PY=

GET
H2 200 logo-paypal.svg
give.salvationarmyflorida.org/static/global/images/payments/ 4 KB
3 KB 424ms
423ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.salvationarmyflorida.org/static/global/images/payments/logo-paypal.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

655fc56e3d81e573cdddfd666426b797ac6031526d792ab9f4622894f7fa9031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/give/180131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Sep 2022 21:59:44 GMT
server: cloudflare
etag: W/"632cdad0-1042"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7520657eeceabbb6-FRA
expires: Thu, 28 Sep 2023 23:53:05 GMT

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/17079/static/global/images/ 394 B
655 B 36ms
36ms Image
image/webp 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17079/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/17079/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/17079/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: M8JWQ9VNGWMPES1Q
age: 76567
cf-polished: origFmt=png, origSize=547
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: sZryRJHu68GzDrmb1eq+4BPjOPMGFavfxjtslTYqD7ilrTZYhgNFA+DctkBo5jzZYUXh1hbv4E8=
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Sep 2022 22:02:43 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
vary: Accept
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7520657eecf4bbb6-FRA

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 350ms
116ms Image
image/gif 54.164.251.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=2813334399136866&v=1724620003262600&s=2845814523641059&b=web&tv=4.0&z=0&g=%23!%2Fdonation%2Fcheckout%3Fc_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition%26utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&h=%2Fgive%2F180131%2F&d=give.salvationarmyflorida.org&t=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&ts=1664409185110&pr=%2Fgive%2F180131%2F&st=1664409185112

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.251.248 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-251-248.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 rum Show response
give.salvationarmyflorida.org/cdn-cgi/ 0
100 B 27ms
26ms XHR
text/plain 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyflorida.org/cdn-cgi/rum?

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-1e05bc3b342e3b78----1664409185113
traceparent: 00-71fea7f5f574c63b5dae2a7ecfba909e-1e05bc3b342e3b78-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIxZTA1YmMzYjM0MmUzYjc4IiwidHIiOiI3MWZlYTdmNWY1NzRjNjNiNWRhZTJhN2VjZmJhOTA5ZSIsInRpIjoxNjY0NDA5MTg1MTEzfX0=
content-type: application/json
Referer: https://give.salvationarmyflorida.org/give/180131/

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://give.salvationarmyflorida.org
content-type: text/plain
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7520657f0d0ebbb6-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
452 B 89ms
29ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-51388709-1&cid=1646469969.1664409184&jid=2054193846&gjid=1286389418&_gid=1141622534.1664409184&_u=aGDACEAABAAAAC~&z=588204331

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 23:53:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.salvationarmyflorida.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 8175 0
571 B 603ms
197ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8175 0
570 B 603ms
198ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-76e2f110225d3b64ec22626fce334f98.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8175 526 B
406 B 23ms
23ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-76e2f110225d3b64ec22626fce334f98.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-557bf11dc87834b2929d6e0c94d567e3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-557bf11dc87834b2929d6e0c94d567e3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:05 GMT
via: 1.1 varnish
age: 16802
x-cache: HIT
content-length: 256
x-request-id: d4c9c368-2aa0-45df-aac6-f5c8a9732f54
x-served-by: cache-hhn4036-HHN
last-modified: Wed, 28 Sep 2022 19:11:40 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5456

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 99ms
38ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

923b98f388a1ed517388a42b1e51c727eb88f8aabd41146f10bbfdd150925d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 23:53:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Sep 2022 23:53:05 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 30ms
29ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=245688401&t=event&_s=1&dl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=aGDACEABBAAAAC~&jid=506719447&gjid=417701016&cid=1646469969.1664409184&tid=UA-3837893-1&_gid=1141622534.1664409184&_r=1&_slc=1&z=770288924

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.salvationarmyflorida.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 29ms
29ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=245688401&t=event&_s=1&dl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=aGDACEABBAAAAC~&jid=2097494270&gjid=14823034&cid=1646469969.1664409184&tid=UA-74191474-1&_gid=1141622534.1664409184&_r=1&_slc=1&z=1997506748

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.salvationarmyflorida.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stripe Show response
pay.classy.org/token/ 99 B
476 B 534ms
534ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripe?applicationId=8260&currency=EUR

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaf7f83561a0ed4cf0937ef9b54c056da5882edd661103d08207dcc76594b1b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
via: 1.1 c205f74aa99b4a794fa57396e24414b6.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP63-P4
x-cache: Miss from cloudfront
x-classypay-requestid: 61104905-3b77-48b8-9ed0-7f766d787a18
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7520657f1e4e9bef-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: KDjpBxh6x0wKyeoH5CEt_XMqghVKyj6cJcDF31nZ6_ledKqekTuo5A==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
22ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=245688401&t=timing&_s=2&dl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20latency&utv=fresh&utl=1664409184664&utt=712&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1646469969.1664409184&tid=UA-3837893-1&_gid=1141622534.1664409184&cd1=50858&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=180131&cd6=campaign&cd11=recurring%20optimization&z=520233080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 00:41:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83504
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
23ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=245688401&t=timing&_s=3&dl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20first%20byte&utv=fresh&utl=1664409184664&utt=1909&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1646469969.1664409184&tid=UA-3837893-1&_gid=1141622534.1664409184&cd1=50858&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=180131&cd6=campaign&cd11=recurring%20optimization&z=1306932821

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 00:41:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83504
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
23ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=245688401&t=timing&_s=4&dl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20last%20byte&utv=fresh&utl=1664409184664&utt=2005&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1646469969.1664409184&tid=UA-3837893-1&_gid=1141622534.1664409184&cd1=50858&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=180131&cd6=campaign&cd11=recurring%20optimization&z=922919242

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 00:41:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83504
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
23ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=245688401&t=timing&_s=5&dl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20document%20ready&utv=fresh&utl=1664409184664&utt=2447&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1646469969.1664409184&tid=UA-3837893-1&_gid=1141622534.1664409184&cd1=50858&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=180131&cd6=campaign&cd11=recurring%20optimization&z=570966960

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 00:41:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83504
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
23ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=245688401&t=timing&_s=6&dl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20view%20rendered&utv=fresh&utl=1664409184664&utt=3547&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1646469969.1664409184&tid=UA-3837893-1&_gid=1141622534.1664409184&cd1=50858&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=180131&cd6=campaign&cd11=recurring%20optimization&z=1917372617

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 00:41:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83504
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 350ms
156ms Image
image/gif 54.164.251.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=2813334399136866&v=5311879168556329&s=2845814523641059&b=web&tv=4.0&z=2&g=%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&h=%2Fgive%2F180131%2F&d=give.salvationarmyflorida.org&t=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&ts=1664409185152&pr=%2Fgive%2F180131%2F&sp=z&sp=0&sp=ts&sp=1664409185110&sp=d&sp=give.salvationarmyflorida.org&sp=h&sp=%2Fgive%2F180131%2F&sp=t&sp=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition%26utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&st=1664409185152

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.251.248 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-251-248.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 72ms
24ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Sep 2022 23:53:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ClIldli3RskWR7KO0qCFzDaKH/xqey6ZTSKn3HY+2nM9OY2YilFwkiKwYB8A2F5HhmzvXEu3DcICb8mkTm4/uQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
259 B 284ms
112ms Image
image/gif 54.164.251.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=1566116007&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=8&st=1664409185171&hv=4.18.4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.251.248 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-251-248.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 284ms
113ms Image
image/gif 54.164.251.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=2813334399136866&v=5311879168556329&s=2845814523641059&b=web&tv=4.0&sp=z&sp=0&sp=ts&sp=1664409185110&sp=d&sp=give.salvationarmyflorida.org&sp=h&sp=%2Fgive%2F180131%2F&sp=t&sp=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition%26utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&pp=d&pp=give.salvationarmyflorida.org&pp=h&pp=%2Fgive%2F180131%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&pp=t&pp=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&pp=ts&pp=1664409185152&pp=pr&pp=%2Fgive%2F180131%2F&id0=8954025470154504&k0=environment&k0=prod&k0=organization_id&k0=50858&k0=campaign&k0=180131&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=label&k0=Begin%20Checkout&k0=action&k0=checkout&k0=currency&k0=USD&t0=Begin%20Checkout&ts0=1664409185173&st=1664409185173

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.251.248 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-251-248.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H/1.1 200
OK dest5.html Show response
thesalvationarmy.demdex.net/ Frame 4130 7 KB
3 KB 588ms
157ms Document
text/html 52.30.247.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thesalvationarmy.demdex.net/dest5.html?d_nsid=0

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.247.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-247-235.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyflorida.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v043-0e646107e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: cY6ApyZcRik=
content-encoding: gzip
date: Wed, 28 Sep 2022 23:53:05 GMT
last-modified: Mon, 26 Sep 2022 14:06:09 GMT
vary: accept-encoding

GET
H2 200 id Show response
thesalvationarmy.sc.omtrdc.net/ 2 B
277 B 791ms
299ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thesalvationarmy.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=20A0289659302A7E0A495D28%40AdobeOrg&mid=59904600191551561332290805667597808339&ts=1664409185192

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://give.salvationarmyflorida.org
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YzTeYQAAAEMWnwN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=60468439344711799202234423944978563302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzTeYQAAAEMWnwN-

42 B
942 B

128ms
127ms

Image
image/gif

54.77.143.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzTeYQAAAEMWnwN-

Protocol

HTTP/1.1

Server

54.77.143.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-129.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v043-08585183a.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: IsUII4rtS8c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzTeYQAAAEMWnwN-
Date: Wed, 28 Sep 2022 23:53:05 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 ebAttribution.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 24 KB
8 KB 362ms
267ms Script
application/javascript 193.108.153.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebAttribution.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d7ca90f5224456c5b0b3377d1dd87a5a96ee9f07b6b9ca0b86e4e757b3a0f50b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: gzip
last-modified: Wed, 18 May 2022 14:07:07 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: W/"8440d88fdf94d6823ae9ecb94a935255"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=885
accept-ranges: bytes
x-amz-cf-id: KjcXS2VtJ2HxMcagQLvo9L8_1Pr8qQsywdETgZdcTHqIG3Z9-Gvlew==
content-length: 7894

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
193 B 96ms
33ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=5ce1f9d9-71a9-44c4-827d-24f151ac647c

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

837113b700bf837d671eaf360a8ac70a77d336def15172a8ad6217c7c0bc2cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://give.salvationarmyflorida.org
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 78 B
461 B 94ms
33ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=5ce1f9d9-71a9-44c4-827d-24f151ac647c&tld=org

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

f00818a839723cb67fae65722d66e151e0c9870163f67f4fd6b37513b45afc42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://give.salvationarmyflorida.org
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adsct
t.co/i/ 43 B
227 B 256ms
202ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=42bcbd58-252e-4768-930f-8b8bd706e8e6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3571ecf2-af76-44a4-b100-d844abb97f0c&tw_document_href=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvb33&type=javascript&version=2.3.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-response-time: 179
date: Wed, 28 Sep 2022 23:53:04 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 284c80e4feccf70c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 900a82ce088be1129861bd72ff01d5a4d41c6118fb020e6be9df26d75e8e36d6
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 256ms
195ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=42bcbd58-252e-4768-930f-8b8bd706e8e6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3571ecf2-af76-44a4-b100-d844abb97f0c&tw_document_href=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvb33&type=javascript&version=2.3.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-response-time: 174
date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: eac78953633f4cf7
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: e376f2d91c737b71570da83090d30bdc1ca97d69d0ef04001b9247b5c1a4b429
content-length: 43

GET
H2 200 5715322.js Show response
bat.bing.com/p/action/ 1 KB
862 B 129ms
128ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5715322.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

5031da68633062c6e6d886913d5ed215d411be1547de572ae691644566928e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 28 Sep 2022 23:53:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 83004CC6E79F44C3ABB5EBABF38905C2 Ref B: FRA31EDGE0219 Ref C: 2022-09-28T23:53:05Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 666

GET
H2 204 0
bat.bing.com/action/ 0
121 B 84ms
84ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5715322&Ver=2&mid=03e6cc2e-afbe-4d70-84d6-a9cf1530fab8&sid=b1f9b3c03f8811edb4487336609a29d6&vid=b1f9cb503f8811edaa585963275ee890&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&p=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&r=&lt=2447&evt=pageLoad&sv=1&rn=233222

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Sep 2022 23:53:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 022720A346AA482C8D33A44FFCD59FC7 Ref B: FRA31EDGE0219 Ref C: 2022-09-28T23:53:05Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5710159.js Show response
bat.bing.com/p/action/ 1 KB
799 B 161ms
160ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5710159.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

3cf0b7b75c97b9ffd7106c1273143a0d0939527246f28aac12d97160eb55c281

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 28 Sep 2022 23:53:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 25452C3BE43549BAB7AA9BA45A1395C2 Ref B: FRA31EDGE0219 Ref C: 2022-09-28T23:53:05Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 666

GET
H2 204 0
bat.bing.com/action/ 0
176 B 46ms
45ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5710159&Ver=2&mid=48589817-9ae0-474a-a9f2-d4f41135eab8&sid=b1f9b3c03f8811edb4487336609a29d6&vid=b1f9cb503f8811edaa585963275ee890&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&p=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&r=&lt=2447&evt=pageLoad&sv=1&rn=94424

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Sep 2022 23:53:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0A9323D9C68A41EA8B7E257EA07B40B6 Ref B: FRA31EDGE0219 Ref C: 2022-09-28T23:53:05Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 67fe2a1b26 Show response
bam.nr-data.net/1/ 49 B
625 B 223ms
156ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/67fe2a1b26?a=363721230&v=1216.487a282&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=3667&ck=1&ref=https://give.salvationarmyflorida.org/give/180131/&ap=644.530883&be=2439&fe=3018&dc=3015&tt=f2e12ba075bd2c3e&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664409181580,%22n%22:0,%22f%22:411,%22dn%22:663,%22dne%22:663,%22c%22:663,%22s%22:685,%22ce%22:712,%22rq%22:712,%22rp%22:1909,%22rpe%22:2005,%22dl%22:1931,%22di%22:2007,%22ds%22:2429,%22de%22:2429,%22dc%22:2438,%22l%22:2438,%22le%22:2447%7D,%22navigation%22:%7B%7D%7D&fp=3543&fcp=3543&jsonp=NREUM.setToken
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 23:53:05 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 752065805f9d995d-FRA

GET
H2 200 main.Mi4wLjAuNTVfMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 324 KB
93 KB 26ms
26ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTVfMA.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 18b5a4e9344ec42545b86ac639ca57c054944d17a3aab1cd5af9199698ddd032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-akamai-request-id: 152c6864
date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20220927124107DEB1F8705351F0FBDF3A
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3.965-44275585) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0155fc7d64012aeff9f4396596deb30d8e3d82e1a7f4a0f27840f23acdad7405723ac3b42db9c36e68d304d04610f13241af8cc23559718879a483b8e24a64b7a228c07390914dbce17bcb4fdaaa82c9dc
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 94238

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 3CC2 930 B
2 KB 95ms
22ms Document
text/html 2600:9000:223e:6a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-76e2f110225d3b64ec22626fce334f98.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:6a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 28 Sep 2022 23:52:38 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
x-amz-cf-id: VVUXYkKjpgBSI-Hf8powduKQA6XWzbGrlR1BDWOn9gV13lr8y_XYCw==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
30 KB 84ms
25ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://give.salvationarmyflorida.org/
Origin: https://give.salvationarmyflorida.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
server: nginx
etag: W/"63090485-15e40"
vary: Accept-Encoding
x-hw: 1664409185.dop148.fr8.t,1664409185.cds270.fr8.hn,1664409185.cds258.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30957

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 100ms
39ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-3837893-1&cid=1646469969.1664409184&jid=506719447&gjid=417701016&_gid=1141622534.1664409184&_u=aGDACEABBAAAAC~&z=1134684554

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 23:53:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.salvationarmyflorida.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 99ms
40ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-74191474-1&cid=1646469969.1664409184&jid=2097494270&gjid=14823034&_gid=1141622534.1664409184&_u=aGDACEABBAAAAC~&z=1387300958

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 23:53:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.salvationarmyflorida.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 97ms
36ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-51388709-1&cid=1646469969.1664409184&jid=2054193846&_u=aGDACEAABAAAAC~&z=1433022069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 83ms
32ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-51388709-1&cid=1646469969.1664409184&jid=2054193846&_u=aGDACEAABAAAAC~&z=1433022069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 8432 0
294 B 83ms
34ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=5ce1f9d9-71a9-44c4-827d-24f151ac647c&u_scsid=18bde737-d3c4-4ebe-9c1f-cd04b0f6c6e4&u_sclid=9c1b5a8e-2c71-401a-9cfd-3f04034a2ffa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyflorida.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 28 Sep 2022 23:53:05 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H2 200 p
tr.snapchat.com/ 68 B
328 B 84ms
40ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryAafbMAmaIAH5IoaA

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://give.salvationarmyflorida.org
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 adsct
t.co/i/ 43 B
378 B 198ms
197ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=1&event_id=91b64ece-ee1e-491b-98e7-651962602420&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3571ecf2-af76-44a4-b100-d844abb97f0c&tw_document_href=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=l54yg&type=javascript&version=2.3.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-response-time: 175
date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5055170d7c7f0257
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 900a82ce088be1129861bd72ff01d5a4d41c6118fb020e6be9df26d75e8e36d6
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
216 B 186ms
186ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=1&event_id=91b64ece-ee1e-491b-98e7-651962602420&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3571ecf2-af76-44a4-b100-d844abb97f0c&tw_document_href=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=l54yg&type=javascript&version=2.3.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-response-time: 164
date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: bf5246a49ad11082
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: e376f2d91c737b71570da83090d30bdc1ca97d69d0ef04001b9247b5c1a4b429
content-length: 43

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 105ms
38ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15699
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 23:53:05 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-590768768&l=dataLayer&cx=c

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

946e7531f5392e797b7e514a9dc22a66d77d073efbe88ad5731bc1583e698def

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62633
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 23:15:40 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Sep 2022 23:53:05 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 169 KB
62 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-590708955&l=dataLayer&cx=c

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

517d34e0756e5652dcb865ea9d724fcc277aee52202c711a27c4a5832afe9a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63370
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 23:15:40 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Sep 2022 23:53:05 GMT

GET
H2 200 / Show response
lasteventf-tm.everesttech.net/ 0
217 B 88ms
20ms XHR
text/plain 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lasteventf-tm.everesttech.net/?_les_imsOrgId=20A0289659302A7E0A495D28@AdobeOrg&_les_sdid=50ACA371E415247C-6FB58A35D5FB4B12&_les_last_search_click=&_les_rsid=tsa.global&_les_mid=59904600191551561332290805667597808339&_les_url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 28 Sep 2022 23:53:05 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664409185.385293,VS0,VE0
x-cache: MISS
content-type: text/plain
access-control-allow-origin: https://give.salvationarmyflorida.org
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4053-HHN

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 77ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmyflorida.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:32:13 GMT
x-content-type-options: nosniff
age: 15652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:32:13 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 109ms
55ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmyflorida.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:32:13 GMT
x-content-type-options: nosniff
age: 15652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:32:13 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 96ms
44ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmyflorida.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:32:13 GMT
x-content-type-options: nosniff
age: 15652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:32:13 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ 28 KB
29 KB 112ms
65ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmyflorida.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 08:43:26 GMT
x-content-type-options: nosniff
age: 54579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 08:43:26 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/5248e50a/www-widgetapi.vflset/ 156 KB
51 KB 70ms
23ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5248e50a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11950f1b39836cbd5aae1f74a8d22594b1a5fc244f7601e8086cccdde1d71689

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:48:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52495
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Sep 2023 14:48:42 GMT

GET
H/1.1 200
OK widget_iframe.7dae38096d06923d683a2a807172322a.html Show response
platform.twitter.com/widgets/ Frame 207F 320 KB
104 KB 23ms
21ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fgive.salvationarmyflorida.org
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://give.salvationarmyflorida.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 13058
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Sep 2022 23:53:05 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ 28 KB
29 KB 67ms
66ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmyflorida.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 08:43:26 GMT
x-content-type-options: nosniff
age: 54579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 08:43:26 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 74ms
74ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmyflorida.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:32:13 GMT
x-content-type-options: nosniff
age: 15652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:32:13 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 79ms
79ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmyflorida.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:32:13 GMT
x-content-type-options: nosniff
age: 15652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:32:13 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 46ms
22ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.84

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Sep 2022 23:53:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Q0bU8RSGd1Tf+QiYBaWZrFJwIIcL8w6w15EY/Gmio+6jiThJPc6L8PMBsmHtd7tHTsCenZTaej4LyV2vHDAsRQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 149912447208716 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 106ms
82ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/149912447208716?v=2.9.84&r=stable

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

94459196b3ffcd6f2c5793ed9f26a86e0fec2ac1058805046dccf9566e354e33

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Sep 2022 23:53:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Ke3oemgKbVpIJQvDVZl8K7kLGvD8TwQJ3q4salE3T+vh4PEVoOKxv/p15s7c6B63sCWoMaxO2I/UJ1niIrfveQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 3CC2 0
344 B 334ms
197ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 3CC2 86 KB
14 KB 25ms
25ms Script
text/javascript 2600:9000:223e:6a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:6a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:50:30 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 159
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: MXiGCIPOftOsc85UVoc-7ezk0bJNKimgG1GAzZyGMAgVUK-V9H1ZkA==

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
550 B 142ms
141ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTVfMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
x-akamai-request-id: 152c6955
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022092823530530595B957B8D8B28C2B8
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3.965-44275585) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 107,23.36.161.200
x-tt-trace-host: 016d77b26dd86e25531c9e1cdefa978aa407e4a87f24cdfad412295e7d664a1839c52391f9bb950a3c2eaf3e14bf71e3654039fb558866aa42e396820c7fae470c5dd37f539392b44a0fb374e85e300a02
server-timing: inner; dur=13, cdn-cache; desc=MISS, edge; dur=10, origin; dur=107
content-length: 0
expires: Wed, 28 Sep 2022 23:53:05 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
695 B 150ms
150ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTVfMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1ffb86df.152c6956
date: Wed, 28 Sep 2022 23:53:05 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3.965-44275585) (-)
x-parent-response-time: 112,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=27, inner; dur=13
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202209282353057F3FE8A88533D328E71A
x-cache-remote: TCP_MISS from a23-39-229-100.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,23.39.229.100
x-tt-trace-host: 016d77b26dd86e25531c9e1cdefa978aa43b88c625dbeab8b254333dfbd1135db962065b074f18f8db2c2f9d0bada9057feb5f57c2877abdc495f401bc74e44a937f6f2520d5c19ab4707a1b5b8ed96949a5b08bb2d61ec0f0d90e3b57d82f41c4
expires: Wed, 28 Sep 2022 23:53:05 GMT

GET
H2 200 iframeResizer-6bb8ec1b02.js Show response
give.salvationarmyflorida.org/sso/ssobuild/js/ 34 KB
9 KB 512ms
511ms XHR
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyflorida.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a420d3aaef8542c2952614ab83b697fcb3d1c57c7728b3565876611b5f06ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-8f51585783e12e99----1664409185500
traceparent: 00-16e8c8bef01f0d87b7df176115ec10e9-8f51585783e12e99-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4ZjUxNTg1NzgzZTEyZTk5IiwidHIiOiIxNmU4YzhiZWYwMWYwZDg3YjdkZjE3NjExNWVjMTBlOSIsInRpIjoxNjY0NDA5MTg1NTAwfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.salvationarmyflorida.org/give/180131/
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Sep 2022 17:55:22 GMT
server: cloudflare
etag: W/"632ca18a-893d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 752065817f86bbb6-FRA
expires: Thu, 28 Sep 2023 23:53:05 GMT

GET
H2 200 5715322 Show response
www.clarity.ms/tag/uet/ 1 KB
2 KB 187ms
118ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5715322
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 47ca0bc12b3b10bfd372c2dda453058e5b53578a7dd1891c780dc10e95219540

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
date: Wed, 28 Sep 2022 23:53:05 GMT
x-powered-by: ASP.NET
x-azure-ref: 0Yd40YwAAAADLDPdI9RPZQKvYw2KlHD2nQU1TMDRFREdFMTgxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
expires: -1

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 207F 771 B
649 B 185ms
130ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=0fc34fde87810e826667946fcf0d1c10605135c2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fgive.salvationarmyflorida.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

0369a4dc49c5d2d0633a1b966e8b1071b05279fddda61e151661b3307656a9f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-response-time: 106
date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 28 Sep 2022 23:53:05 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 7d0a8300f47505c1
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 730918f5ab6a39dbce8342d1d8c1535b8a6f75f1d6f5ee391169f36c88e95bb2
content-length: 327

GET
H2 200 js Show response
www.paypal.com/sdk/ 322 KB
98 KB 83ms
25ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&enable-funding=venmo&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&merchant-id=89TPM5K6KEDCA&commit=false

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6b27bad7b5a085978def92a66d3a36d7bf276bff065cb7ec55e22232cacd66b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-yXUdf1fLq3mTbvuX4L3RvZKVBREaqL7uNWidsi51nESKZu8M' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-yXUdf1fLq3mTbvuX4L3RvZKVBREaqL7uNWidsi51nESKZu8M' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-yXUdf1fLq3mTbvuX4L3RvZKVBREaqL7uNWidsi51nESKZu8M' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-yXUdf1fLq3mTbvuX4L3RvZKVBREaqL7uNWidsi51nESKZu8M' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:05 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 8790
x-cache: HIT
p3p: true
paypal-debug-id: f338119be4a83
server-timing: "traceparent;desc="00-0000000000000000000f338119be4a83-f57d668d3fc54627-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 98646
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4030-HHN
traceparent: 00-0000000000000000000f338119be4a83-83afcd510104d10f-01
x-timer: S1664409186.652955,VS0,VE2
etag: W/"18156-l07oxKr8U2zrTFZPNXH790/qZ2U"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
438 B 480ms
480ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=8260&currency=EUR

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP63-P4
x-cache: Miss from cloudfront
x-classypay-requestid: 941b6390-9e98-4ea2-8121-488092588ded
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 75206582094b9bef-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: rGb7a5r7wSbBvYmwv4tZz_xH8H78lttmcFZ91kZ0TU3Dwr76voqKQw==

GET
H2 200 5710159 Show response
www.clarity.ms/tag/uet/ 1 KB
2 KB 133ms
117ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5710159
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: f2f75da67c6cfb06a8b52ab9fe4dfd71fac89c38318dd15a43832367f4758273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
date: Wed, 28 Sep 2022 23:53:05 GMT
x-powered-by: ASP.NET
x-azure-ref: 0Yd40YwAAAADKL1JsM62wSLPe3yxte7RfQU1TMDRFREdFMTgxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 1496
expires: -1

GET
H2 200 stripe Show response
pay.classy.org/token/ 99 B
432 B 476ms
476ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripe?applicationId=8260&currency=EUR

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaf7f83561a0ed4cf0937ef9b54c056da5882edd661103d08207dcc76594b1b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 cb7980ab2017aee51ecce59a2678b358.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP63-P4
x-cache: Miss from cloudfront
x-classypay-requestid: 6cb1a08c-a9fb-4056-b066-c54369f5b4d1
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7520658249a09bef-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: d_BwOpqxKqqTnYXBHyW0cMCxzZ7Y9Y6mLOKB_fXgFjyJdWV6iqpiTw==

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 74ms
24ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=149912447208716&ev=PageView&dl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&rl=&if=false&ts=1664409185717&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664409185715.377112325&it=1664409185384&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Sep 2022 23:53:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 74ms
25ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=149912447208716&ev=InitiateCheckout&dl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&rl=&if=false&ts=1664409185719&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664409185715.377112325&it=1664409185384&coo=false&eid=1664409185.642224461934&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Sep 2022 23:53:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 controller-820c8dd85e6368b82aac8345cb224b8a.html Show response
js.stripe.com/v3/ Frame 12EA 297 B
725 B 25ms
24ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

736a1bad31fbc2b98f6c4da6011272321d3e71b8b30150dd148a73f259281703

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmyflorida.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 43
cache-control: max-age=60
content-encoding: br
content-length: 141
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 28 Sep 2022 23:53:05 GMT
etag: "820c8dd85e6368b82aac8345cb224b8a"
last-modified: Wed, 28 Sep 2022 19:11:31 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 4
x-content-type-options: nosniff
x-request-id: 6edc8d27-d0e3-4f9c-a396-b142b7415921
x-served-by: cache-hhn4036-HHN

GET
H2 200 payment-request-inner-google-pay-b6b287ad42c36594d4c8f2985f78eef8.html Show response
js.stripe.com/v3/ Frame DE70 380 B
869 B 24ms
23ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-b6b287ad42c36594d4c8f2985f78eef8.html

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0930f6ebcad20c12b15d709841cb3f014853624e90c446c931fb8f213a9a7c93

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmyflorida.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 16058
cache-control: max-age=31536000
content-encoding: br
content-length: 173
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 28 Sep 2022 23:53:05 GMT
etag: "b6b287ad42c36594d4c8f2985f78eef8"
last-modified: Wed, 28 Sep 2022 19:11:41 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 228
x-content-type-options: nosniff
x-request-id: 3d0ae426-7ec4-4b2e-a71d-fa87e979045d
x-served-by: cache-hhn4036-HHN

GET
H2 200 payment-request-inner-browser-8cc689a856a3bc3926f645f46674b564.html Show response
js.stripe.com/v3/ Frame 9503 316 B
926 B 25ms
24ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-8cc689a856a3bc3926f645f46674b564.html

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

aeebf997ef2056cb73f0826fdcdb3bbdde2a20c9e0582550a98706c81051d429

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmyflorida.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1
cache-control: max-age=60
content-encoding: br
content-length: 150
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 28 Sep 2022 23:53:05 GMT
etag: "8cc689a856a3bc3926f645f46674b564"
last-modified: Wed, 28 Sep 2022 19:11:41 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 47099723-f06a-4ad9-8ba9-6ffce5becc3a
x-served-by: cache-hhn4036-HHN

GET
H2 200 EBUidCache.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/UserProviders_1_19_0_0/ 4 KB
2 KB 23ms
23ms Script
application/javascript 193.108.153.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/UserProviders_1_19_0_0/EBUidCache.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ebacb8069ea13a513ec42f29ad43140bb58a53c7206f0d65dbdbfbff75d6befd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 14:03:41 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C2
etag: W/"21cbddda333527c67445846e1000aeef"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1651157
accept-ranges: bytes
x-amz-cf-id: Vs70HbK46bh_HagoBzMm5oBSKV5MOMvcJNnXmILXq2sVJ7mRLt5E5w==
content-length: 1338

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/827406829/ 2 KB
2 KB 102ms
35ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827406829/?random=1664409185749&cv=9&fst=1664409185749&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9q0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&auid=1671704503.1664409185&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc8b30a2490929ed1dee1bba75c6bc41fba6efe74732d1c214b23180b42a5c51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1079
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/590768768/ 2 KB
1 KB 105ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/590768768/?random=1664409185753&cv=9&fst=1664409185753&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9q0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&auid=1671704503.1664409185&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86c147d47f52660f079023d32b97c8e4f043549ed300b6d2a5f9f9705d4f812f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1082
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/590708955/ 2 KB
1 KB 102ms
37ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/590708955/?random=1664409185754&cv=9&fst=1664409185754&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9q0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&auid=1671704503.1664409185&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719d73fa9c92b39ad666ca01a4840d0729480361a4a8fe0f11390804714ce228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1080
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 3CC2 156 B
523 B 624ms
207ms XHR
application/json 52.41.97.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.41.97.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-41-97-242.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6afffc9c663281b8ceadfb865ed184da506ec44f281f639e188bdcacfe012a29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 csp-report
q.stripe.com/ Frame 12EA 0
570 B 198ms
197ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-a46f9264c6add060c6e57f9e40ee9a79.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 12EA 313 KB
72 KB 25ms
24ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

22ab820eb0cd7499aae59462b183954b42e131fe1a6c34f7ba966a525d1ac3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:05 GMT
via: 1.1 varnish
age: 16803
x-cache: HIT
content-length: 73357
x-request-id: 12d62407-be7d-4b24-b1b6-ed32de30b810
x-served-by: cache-hhn4036-HHN
last-modified: Wed, 28 Sep 2022 19:11:41 GMT
server: Fastly
etag: "d3fe4828c610b5a43a36d22dac01f145"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1395

GET
H2 200 controller-e13b1b6df5ee090e31e2aa51dbd2cfc4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 12EA 364 KB
91 KB 24ms
23ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-e13b1b6df5ee090e31e2aa51dbd2cfc4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ce9162574dc014dc146dd71da036b0e5409afd9201e80de59081a6b53746841d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:05 GMT
via: 1.1 varnish
age: 16803
x-cache: HIT
content-length: 93390
x-request-id: 98719bb4-fd19-404b-9d1a-149b21d6813c
x-served-by: cache-hhn4036-HHN
last-modified: Wed, 28 Sep 2022 19:11:39 GMT
server: Fastly
etag: "631ad0e8d2ccceaf21f1992872ea1c53"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1286

POST
H2 200 csp-report
q.stripe.com/ Frame DE70 0
570 B 196ms
196ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame DE70 0
570 B 197ms
196ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame DE70 102 KB
33 KB 161ms
85ms Script
application/javascript 2a00:1450:400c:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b6b287ad42c36594d4c8f2985f78eef8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f7fd72d7b53a6c582d8d7d139e813eeeacba5f8dadd49c7c677c5b8dc9d1ede

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-4GpGHPLOxg7I4X9Ey9xtVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-4GpGHPLOxg7I4X9Ey9xtVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 28 Sep 2022 23:53:05 GMT

GET
H2 200 shared-a46f9264c6add060c6e57f9e40ee9a79.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DE70 313 KB
72 KB 47ms
47ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b6b287ad42c36594d4c8f2985f78eef8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

22ab820eb0cd7499aae59462b183954b42e131fe1a6c34f7ba966a525d1ac3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b6b287ad42c36594d4c8f2985f78eef8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:05 GMT
via: 1.1 varnish
age: 16803
x-cache: HIT
content-length: 73357
x-request-id: e602551d-83e1-4117-943b-dbf58c73a7f3
x-served-by: cache-hhn4036-HHN
last-modified: Wed, 28 Sep 2022 19:11:41 GMT
server: Fastly
etag: "d3fe4828c610b5a43a36d22dac01f145"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1396

GET
H2 200 payment-request-inner-google-pay-4d3a79a80fbd89b2ea2ccf9a01f7c5d7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DE70 14 KB
5 KB 51ms
51ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-4d3a79a80fbd89b2ea2ccf9a01f7c5d7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b6b287ad42c36594d4c8f2985f78eef8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

024a435dcde1fb6677eb40f9dad2563e398d1b4725d423e9970e354c5de599ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b6b287ad42c36594d4c8f2985f78eef8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:05 GMT
via: 1.1 varnish
age: 16058
x-cache: HIT
content-length: 4766
x-request-id: 58dac2a6-08e1-4d5a-8645-02a53820fc22
x-served-by: cache-hhn4036-HHN
last-modified: Wed, 28 Sep 2022 19:11:40 GMT
server: Fastly
etag: "78f5d77dc033cc5f76ec923bd3dcd824"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 159

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
6 KB 25ms
24ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=give.salvationarmyflorida.org&t=xo&v=5.0.332&source=payments_sdk&mrid=89TPM5K6KEDCA&client_id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&comp=buttons,funding-eligibility&vault=false

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9adadf7cd410549b72f35ed708ee97fb6d214e87f3d18da2472d811aa0e5cc10

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-HDW5eIth091PLAttmge3bMjIvAdq+VlR9svo+n5Kj2Ngb0WZ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-HDW5eIth091PLAttmge3bMjIvAdq+VlR9svo+n5Kj2Ngb0WZ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:05 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 77090
x-cache: HIT
paypal-debug-id: f464997021b77
server-timing: "traceparent;desc="00-0000000000000000000f464997021b77-af9e00bc70638bdb-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4784
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4030-HHN
traceparent: 00-0000000000000000000f464997021b77-292fd007adf6bd8f-01
x-timer: S1664409186.797577,VS0,VE2
etag: W/"3582-FY+dOkS2Zlvp0xXxFVh3D0TtZGs"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 csp-report
q.stripe.com/ Frame 9503 0
570 B 197ms
196ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9503 0
570 B 325ms
324ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-a46f9264c6add060c6e57f9e40ee9a79.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9503 313 KB
72 KB 35ms
35ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-8cc689a856a3bc3926f645f46674b564.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

22ab820eb0cd7499aae59462b183954b42e131fe1a6c34f7ba966a525d1ac3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-8cc689a856a3bc3926f645f46674b564.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:05 GMT
via: 1.1 varnish
age: 16803
x-cache: HIT
content-length: 73357
x-request-id: f11dd4d9-8a5c-4bde-8fd2-074ecd9a1ca3
x-served-by: cache-hhn4036-HHN
last-modified: Wed, 28 Sep 2022 19:11:41 GMT
server: Fastly
etag: "d3fe4828c610b5a43a36d22dac01f145"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1397

GET
H2 200 payment-request-inner-browser-8d6b138e980890f05409d0b3f2c63d44.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9503 12 KB
4 KB 35ms
34ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-8d6b138e980890f05409d0b3f2c63d44.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-8cc689a856a3bc3926f645f46674b564.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8c3392e876d4b5c778e0d0ae787502252e3353b59149063e1f6a1a85216cb9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-8cc689a856a3bc3926f645f46674b564.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:05 GMT
via: 1.1 varnish
age: 16176
x-cache: HIT
content-length: 4424
x-request-id: d42a6d89-cf81-4278-8134-d7bec8b7c01c
x-served-by: cache-hhn4036-HHN
last-modified: Wed, 28 Sep 2022 19:11:40 GMT
server: Fastly
etag: "13563263f55505d5822aae879d83b8c6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 258

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-f/s/0.6.41/ 54 KB
23 KB 115ms
114ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-f/s/0.6.41/clarity.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 61b9926e5d52c52c383c00d7e52f2c491b15e7cfd715373b53571632a7459517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
etag: "1d8d107429df470"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 0Yd40YwAAAABT7s4NEsipT4nVzHxt4eJdQU1TMDRFREdFMTgxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=41959B8783124070AF494E5501044D1C&RedC=c.clarity.ms&MXFR=1579DB9FC15461150309C9B2C5546F7F
https://c.clarity.ms/c.gif?CtsSyncId=41959B8783124070AF494E5501044D1C&MUID=10FF6B6F259161FB0FB67942241A60D4

42 B
368 B

44ms
43ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=41959B8783124070AF494E5501044D1C&MUID=10FF6B6F259161FB0FB67942241A60D4
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
server: Microsoft-IIS/10.0
etag: "8d3298b0aac7d81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 524E7ACF2E7646D4A8F8EC72D6A25FE8 Ref B: FRA31EDGE0219 Ref C: 2022-09-28T23:53:06Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=41959B8783124070AF494E5501044D1C&MUID=10FF6B6F259161FB0FB67942241A60D4
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
23ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=245688401&t=timing&_s=7&dl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20fully%20loaded&utv=fresh&utl=1664409184664&utt=4188&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1646469969.1664409184&tid=UA-3837893-1&_gid=1141622534.1664409184&cd1=50858&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=180131&cd6=campaign&cd11=recurring%20optimization&z=1876548791

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 00:41:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83504
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Serving Show response
bs.serving-sys.com/ 497 B
493 B 25ms
25ms Script
application/x-javascript 52.29.114.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?EBUI.js&cn=cu
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.114.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-114-196.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7622f62bc305117db4012f7b73d478a8289b37cffeb0291b9638eac21d9e5d35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 23:53:00 GMT
server: Microsoft-IIS/10.0
etag: "a6985b37c65dcd1:0"
x-powered-by: ASP.NET
content-type: application/x-javascript
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: private, max-age=3600
content-length: 227

GET
H2 200 js Show response
www.paypal.com/sdk/ 314 KB
94 KB 26ms
25ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&intent=tokenize&vault=true

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ba792065cba09cd66b50599ded9d2fdf35b2e64aa0453a7796a81b91bf2e27b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-vC9/Kfgox24dMvkkIpAAGJmhNUPI0BhEEStzFc2WRh+LndvO' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vC9/Kfgox24dMvkkIpAAGJmhNUPI0BhEEStzFc2WRh+LndvO' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-vC9/Kfgox24dMvkkIpAAGJmhNUPI0BhEEStzFc2WRh+LndvO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vC9/Kfgox24dMvkkIpAAGJmhNUPI0BhEEStzFc2WRh+LndvO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:05 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5108
x-cache: HIT
p3p: true
paypal-debug-id: f937606fb2af7
server-timing: "traceparent;desc="00-0000000000000000000f937606fb2af7-1faa8c5a9fd90529-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 95055
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4030-HHN
traceparent: 00-0000000000000000000f937606fb2af7-8dad6399ce4051e6-01
x-timer: S1664409186.827403,VS0,VE3
etag: W/"1734f-OObZxDsNjwkcfISVkEUQ5S9/aBs"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=2884301915493456739
dpm.demdex.net/ Frame 4130
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=2884301915493456739

42 B
942 B

126ms
126ms

Image
image/gif

54.77.143.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=2884301915493456739

Protocol

HTTP/1.1

Server

54.77.143.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-129.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v043-0e6599244.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: kysUlkOJSAk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=2884301915493456739
pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
17 KB 90ms
23ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 84840867de170
dc: ccg11-origin-www-1.paypal.com
content-length: 16464
x-served-by: cache-sjc10063-SJC, cache-hhn4083-HHN
last-modified: Tue, 03 May 2022 17:28:29 GMT
x-timer: S1664409186.899335,VS0,VE0
etag: W/"6271663d-da91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 91145, 222108

GET
H2 200 ts
t.paypal.com/ 42 B
750 B 281ms
191ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A89TPM5K6KEDCA-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A89TPM5K6KEDCA-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=03b31e39-b7c6-4764-94dd-2400150f3f44&fltp=analytics&mrid=89TPM5K6KEDCA&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1664409185824&g=0&completeurl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCB) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (frc/4CCB)
traceparent: 00-0000000000000000000d4af60ef8c63b-162019cdff6ed6e3-01
content-type: image/gif
paypal-debug-id: d4af60ef8c63b
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=170
timing-allow-origin: *
content-length: 42
expires: Wed, 28 Sep 2022 23:53:06 GMT

GET
H2 200 1489-8b86da401d493fc7478fbafda5019691.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 12EA 231 KB
47 KB 32ms
31ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/1489-8b86da401d493fc7478fbafda5019691.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-e13b1b6df5ee090e31e2aa51dbd2cfc4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:05 GMT
via: 1.1 varnish
age: 538777
x-cache: HIT
content-length: 47921
x-request-id: b5ee9083-e749-4df3-85a9-54428ad5327a
x-served-by: cache-hhn4036-HHN
last-modified: Tue, 20 Sep 2022 13:38:28 GMT
server: Fastly
etag: "ab675b71d19378124fcdf3c0f6dad353"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 122645

GET
H2 200 phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 12EA 2 KB
959 B 31ms
30ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-e13b1b6df5ee090e31e2aa51dbd2cfc4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:05 GMT
via: 1.1 varnish
age: 538783
x-cache: HIT
content-length: 770
x-request-id: f3e25c97-1605-4959-bfa8-a7bb2ee66c6f
x-served-by: cache-hhn4036-HHN
last-modified: Mon, 12 Sep 2022 20:31:43 GMT
server: Fastly
etag: "f1717e2e478c68d16ccd7b37768700be"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 120995

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 12EA 474 B
606 B 75ms
23ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

638ff6daea170c8a6afd2c562d83b9c33f6d5824006f8d614afd0c23b40d4516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 49
x-cache: HIT
content-length: 297
x-request-id: 7e8f43b7-af68-400a-a4d8-1d07c23c67d3
x-served-by: cache-hhn4071-HHN
last-modified: Wed, 28 Sep 2022 20:24:29 GMT
server: Fastly
etag: "56c8e5c977d8a9f828067a1d0092c78e"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1016 B
2 KB 204ms
204ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d721d0376489c64797496a4abcfbc8374d1a18393975de6891389933212a879c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
content-type: application/json

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f766423a3a9c5
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4046-HHN
traceparent: 00-0000000000000000000f766423a3a9c5-0ed35cdbe0942624-01
x-timer: S1664409186.158533,VS0,VE183
etag: W/W/"3f8-3hHjq575cukfPV1JnfZCVzTqBy4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://give.salvationarmyflorida.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 260ms
218ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.salvationarmyflorida.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://give.salvationarmyflorida.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 28 Sep 2022 23:53:06 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f766423245e33
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f766423245e33-7e35b695916276d9-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4046-HHN
x-timer: S1664409186.939201,VS0,VE198

GET
H2 200 Serving Show response
bs.serving-sys.com/ 1 KB
1 KB 26ms
26ms Script
text/html 52.29.114.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?secCall=1&sessionid=2097463203236092879&cn=as&ActivityID=550371&rnd=300377.8011465648&UniqueDonorID=undefined&ZipCode=undefined&NewDonor=[NewDonor]&Revenue=undefined&Territory=[Territory]&cuid=a951f0fb-4111-4f5f-bcfd-0208a624fa43
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.114.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-114-196.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1dcc4c1655574fcdca285969902fe4162901569b4eb11a27c466c177dd4e04f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: private
content-length: 534
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/827406829/ 42 B
64 B 79ms
34ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/827406829/?random=1664409185749&cv=9&fst=1664406000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&random=161794653&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/827406829/ 42 B
64 B 82ms
37ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/827406829/?random=1664409185749&cv=9&fst=1664406000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&random=161794653&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/590708955/ 42 B
64 B 81ms
37ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/590708955/?random=1664409185754&cv=9&fst=1664406000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&random=35777471&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/590708955/ 42 B
64 B 79ms
35ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/590708955/?random=1664409185754&cv=9&fst=1664406000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&random=35777471&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/590768768/ 42 B
64 B 99ms
55ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/590768768/?random=1664409185753&cv=9&fst=1664406000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&random=4270799843&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/590768768/ 42 B
64 B 80ms
35ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/590768768/?random=1664409185753&cv=9&fst=1664406000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&random=4270799843&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 343ms
343ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=give.salvationarmyflorida.org&t=xo&v=5.0.332&source=payments_sdk&client_id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&comp=buttons,funding-eligibility&vault=true

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-/KuLGd/h8Z8xGYFp2JNAzhjJab7r2f63OQBFYTNk9dE5PNW8' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-/KuLGd/h8Z8xGYFp2JNAzhjJab7r2f63OQBFYTNk9dE5PNW8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: HIT
paypal-debug-id: f378098f8b1d1
server-timing: "traceparent;desc="00-0000000000000000000f378098f8b1d1-39cec21b44f45d2f-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4030-HHN
traceparent: 00-0000000000000000000f378098f8b1d1-c3be85d63f9de784-01
x-timer: S1664409186.945116,VS0,VE320
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1

200
OK

ibs:dpid=1175&&dpuuid=R5GfHRXHmhtckpxKQ5qBGxebnRtcwJUZF5tXVGUX
dpm.demdex.net/ Frame 4130
Redirect Chain

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=R5GfHRXHmhtckpxKQ5qBGxebnRtcwJUZF5tXVGUX

42 B
942 B

180ms
127ms

Image
image/gif

54.77.143.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=R5GfHRXHmhtckpxKQ5qBGxebnRtcwJUZF5tXVGUX

Protocol

HTTP/1.1

Server

54.77.143.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-129.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v043-0e813aa3a.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: rZr7Jw3tTv8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=R5GfHRXHmhtckpxKQ5qBGxebnRtcwJUZF5tXVGUX
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 499C 54 KB
17 KB 24ms
23ms Document
text/html 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmyflorida.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Wed, 28 Sep 2022 23:53:05 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6271663d-d994"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 50b39f10d2761
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 408887, 234508
x-content-type-options: nosniff
x-served-by: cache-sjc10066-SJC, cache-hhn4083-HHN
x-timer: S1664409186.966163,VS0,VE0

POST
H2 200 0 Show response
r.stripe.com/ Frame 12EA 0
127 B 316ms
310ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 12EA 0
127 B 400ms
394ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 12EA 0
127 B 398ms
393ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 12EA 0
127 B 315ms
310ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 12EA 0
127 B 399ms
394ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 12EA 0
127 B 399ms
394ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 12EA 0
127 B 399ms
395ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 12EA 0
127 B 399ms
396ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 12EA 0
127 B 398ms
395ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 12EA 0
127 B 398ms
396ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1020 B
2 KB 198ms
198ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

41d7f6f644e2970840b092341422d9299c916a6cc1f6ea6b6709ab06629c0674

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
content-type: application/json

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f76642339fddf
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4046-HHN
traceparent: 00-0000000000000000000f76642339fddf-8d75a218027a157c-01
x-timer: S1664409186.248312,VS0,VE177
etag: W/W/"3fc-w4Y8u8e59A1Yqqk27aocrOyaQQc"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://give.salvationarmyflorida.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 209ms
209ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.salvationarmyflorida.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://give.salvationarmyflorida.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 28 Sep 2022 23:53:06 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f766423aaadad
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f766423aaadad-2a257d7bf7414b9e-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4046-HHN
x-timer: S1664409186.038560,VS0,VE188

GET ProximaNova-Bold-webfont.woff
479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com/ 0
0

GET
H2 200 serving
bs.serving-sys.com/ Frame 4130 0
104 B 25ms
24ms Image
text/plain 52.29.114.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=1&euuid=60468439344711799202234423944978563302&redir=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.114.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-114-196.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 9979 18 KB
7 KB 142ms
84ms Document
text/html 2a00:1450:400c:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

690f0ad178150fd53d03e595eea01a5bedf7327879b6d0f7b35d1fd8a0081b75

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JJL9WzuPEmqCSd3IqKewJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-JJL9WzuPEmqCSd3IqKewJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy: same-site
date: Wed, 28 Sep 2022 23:53:06 GMT
expires: Wed, 28 Sep 2022 23:53:06 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 status Show response
give.salvationarmyflorida.org/sso/ 89 B
1 KB 167ms
166ms XHR
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyflorida.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery36103106814727432048_1664409185497&_=1664409185498

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

0ee385417aac5bba7a8a493f58f1a8871b601f63e55548d343d4f7981482d5ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-8be5cae19df30cb4----1664409186105
traceparent: 00-8b0279ef15d47742b482361dac053bae-8be5cae19df30cb4-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4YmU1Y2FlMTlkZjMwY2I0IiwidHIiOiI4YjAyNzllZjE1ZDQ3NzQyYjQ4MjM2MWRhYzA1M2JhZSIsInRpIjoxNjY0NDA5MTg2MTA1fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.salvationarmyflorida.org/give/180131/
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
x-powered-by: PHP/7.4.30
vary: Accept-Encoding
p3p: CP="Classy does not have a P3P policy."
content-type: application/javascript; charset=utf-8
cache-control: no-cache, private
cf-ray: 752065853c47bbb6-FRA
x-xss-protection: 1; mode=block

POST
H2 204 collect Show response
n.clarity.ms/ 0
185 B 352ms
112ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://give.salvationarmyflorida.org
date: Wed, 28 Sep 2022 23:53:05 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

OPTIONS
H2 200 /
notify.bugsnag.com/ Frame 0
0 222ms
170ms Preflight 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://give.salvationarmyflorida.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version, Bugsnag-Integrity
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 google

POST
H3 200 / Show response
notify.bugsnag.com/ 2 B
16 B 214ms
168ms XHR
text/plain 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version: 4.0
Referer: https://give.salvationarmyflorida.org/
Bugsnag-Sent-At: 2022-09-28T23:53:06.124Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 google
bugsnag-event-id: 6334de62009784e798700000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=245688401&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=gtm.pageError&ea=%2Fgive%2F180131%2F&el=%2Fgive%2F180131%2F&ev=0&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1646469969.1664409184&tid=UA-51388709-1&_gid=1141622534.1664409184&gtm=2wg9q0PMXWH57&z=1988364378

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 00:41:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83505
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controller-820c8dd85e6368b82aac8345cb224b8a.html Show response
js.stripe.com/v3/ Frame EA18 297 B
749 B 24ms
23ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

736a1bad31fbc2b98f6c4da6011272321d3e71b8b30150dd148a73f259281703

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmyflorida.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 43
cache-control: max-age=60
content-encoding: br
content-length: 141
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 28 Sep 2022 23:53:06 GMT
etag: "820c8dd85e6368b82aac8345cb224b8a"
last-modified: Wed, 28 Sep 2022 19:11:31 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 5
x-content-type-options: nosniff
x-request-id: 2a55339e-0bf6-44ed-a51a-6d34b4a4da9c
x-served-by: cache-hhn4036-HHN

GET
H2 200 payment-request-inner-google-pay-b6b287ad42c36594d4c8f2985f78eef8.html Show response
js.stripe.com/v3/ Frame 103D 380 B
891 B 24ms
24ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-b6b287ad42c36594d4c8f2985f78eef8.html

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0930f6ebcad20c12b15d709841cb3f014853624e90c446c931fb8f213a9a7c93

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmyflorida.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 16059
cache-control: max-age=31536000
content-encoding: br
content-length: 173
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 28 Sep 2022 23:53:06 GMT
etag: "b6b287ad42c36594d4c8f2985f78eef8"
last-modified: Wed, 28 Sep 2022 19:11:41 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 229
x-content-type-options: nosniff
x-request-id: 37d3e169-1e08-45a4-821e-6b89f02b1e43
x-served-by: cache-hhn4036-HHN

GET
H2 200 payment-request-inner-browser-8cc689a856a3bc3926f645f46674b564.html Show response
js.stripe.com/v3/ Frame 1890 316 B
932 B 23ms
23ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-8cc689a856a3bc3926f645f46674b564.html

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

aeebf997ef2056cb73f0826fdcdb3bbdde2a20c9e0582550a98706c81051d429

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmyflorida.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1
cache-control: max-age=60
content-encoding: br
content-length: 150
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 28 Sep 2022 23:53:06 GMT
etag: "8cc689a856a3bc3926f645f46674b564"
last-modified: Wed, 28 Sep 2022 19:11:41 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: e50b48c6-b728-49b9-a902-f01cff3e9940
x-served-by: cache-hhn4036-HHN

OPTIONS
H2 200 /
notify.bugsnag.com/ Frame 0
0 205ms
169ms Preflight 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://give.salvationarmyflorida.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version, Bugsnag-Integrity
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 google

POST
H3 200 / Show response
notify.bugsnag.com/ 2 B
16 B 213ms
169ms XHR
text/plain 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version: 4.0
Referer: https://give.salvationarmyflorida.org/
Bugsnag-Sent-At: 2022-09-28T23:53:06.141Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 google
bugsnag-event-id: 6334de620097b149869b0000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
23ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 00:41:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83505
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
498 B 193ms
193ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A89TPM5K6KEDCA-1&page=muse%3Aoffer%3A%3A%3A89TPM5K6KEDCA-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=03b31e39-b7c6-4764-94dd-2400150f3f44&es=visitorInfoFlowStarted&mrid=89TPM5K6KEDCA&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1664409186148&g=0&completeurl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF4) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (frc/4CF4)
traceparent: 00-000000000000000000060ef640f989f7-3d81233c0e44e139-01
content-type: image/gif
paypal-debug-id: 60ef640f989f7
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=172
timing-allow-origin: *
content-length: 42
expires: Wed, 28 Sep 2022 23:53:06 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 499C 435 B
2 KB 281ms
281ms Fetch
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76b8336033141446c4913c27cec319a0a15ceadbde90cb86097481b36bead461

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-LoogXHtqoT2x9pv3CjDAq7C1qjxxPMwioZ1huYZiP8cv4cCS' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-LoogXHtqoT2x9pv3CjDAq7C1qjxxPMwioZ1huYZiP8cv4cCS' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f7664235cc59e
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4030-HHN
traceparent: 00-0000000000000000000f7664235cc59e-f3eb078b456aa050-01
x-timer: S1664409186.345363,VS0,VE258
etag: W/W/"1b3-QRRNXYZMuTnX8hIjJr/lb8YspVs"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 181ms
181ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 28 Sep 2022 23:53:06 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f76642325e8aa
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f76642325e8aa-02312edd12ad3bea-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4046-HHN
x-timer: S1664409186.163173,VS0,VE160

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1018 B
2 KB 212ms
212ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f4e9d82611b8979f9bc5ca9088f68d5f50db9cb407538a3798a1a0b01a07681e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
content-type: application/json

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f766423a91c8c
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4046-HHN
traceparent: 00-0000000000000000000f766423a91c8c-e321a9d1c622e4ac-01
x-timer: S1664409186.393837,VS0,VE191
etag: W/W/"3fa-XK5Cx5yYcpaaGSRGDQzrSOrT9xc"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://give.salvationarmyflorida.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 226ms
226ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.salvationarmyflorida.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://give.salvationarmyflorida.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 28 Sep 2022 23:53:06 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f766423ef8e06
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f766423ef8e06-d8b2b7fde9ae3f48-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4046-HHN
x-timer: S1664409186.166736,VS0,VE205

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1018 B
2 KB 253ms
245ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1296aa53b13681bec66a4ac4e4112e282db828f847e6945276e1819fdab551de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
content-type: application/json

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f766423d226ec
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4046-HHN
traceparent: 00-0000000000000000000f766423d226ec-a97819affebde97f-01
x-timer: S1664409186.359829,VS0,VE224
etag: W/W/"3fa-xhm4zIphFKd17Mkfenai3ZYGhBI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://give.salvationarmyflorida.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 182ms
182ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.salvationarmyflorida.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://give.salvationarmyflorida.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 28 Sep 2022 23:53:06 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f766423cd1ed4
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f766423cd1ed4-dcee37e22bf30759-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4046-HHN
x-timer: S1664409186.168929,VS0,VE161

POST
H2 200 csp-report
q.stripe.com/ Frame EA18 0
570 B 236ms
235ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-a46f9264c6add060c6e57f9e40ee9a79.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EA18 313 KB
72 KB 24ms
24ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

22ab820eb0cd7499aae59462b183954b42e131fe1a6c34f7ba966a525d1ac3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
age: 16803
x-cache: HIT
content-length: 73357
x-request-id: f2848d50-a24a-4dc3-8327-7968bf424b49
x-served-by: cache-hhn4036-HHN
last-modified: Wed, 28 Sep 2022 19:11:41 GMT
server: Fastly
etag: "d3fe4828c610b5a43a36d22dac01f145"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1398

GET
H2 200 controller-e13b1b6df5ee090e31e2aa51dbd2cfc4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EA18 364 KB
91 KB 24ms
23ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-e13b1b6df5ee090e31e2aa51dbd2cfc4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ce9162574dc014dc146dd71da036b0e5409afd9201e80de59081a6b53746841d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
age: 16803
x-cache: HIT
content-length: 93390
x-request-id: a5e53613-936e-4713-ab6a-f96f4cb34945
x-served-by: cache-hhn4036-HHN
last-modified: Wed, 28 Sep 2022 19:11:39 GMT
server: Fastly
etag: "631ad0e8d2ccceaf21f1992872ea1c53"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1287

POST
H2 200 csp-report
q.stripe.com/ Frame 1890 0
570 B 232ms
231ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1890 0
570 B 233ms
232ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-a46f9264c6add060c6e57f9e40ee9a79.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1890 313 KB
72 KB 26ms
24ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-8cc689a856a3bc3926f645f46674b564.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

22ab820eb0cd7499aae59462b183954b42e131fe1a6c34f7ba966a525d1ac3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-8cc689a856a3bc3926f645f46674b564.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
age: 16803
x-cache: HIT
content-length: 73357
x-request-id: 1e84b4e9-9b66-48b3-85ca-fb9376f6db22
x-served-by: cache-hhn4036-HHN
last-modified: Wed, 28 Sep 2022 19:11:41 GMT
server: Fastly
etag: "d3fe4828c610b5a43a36d22dac01f145"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1399

GET
H2 200 payment-request-inner-browser-8d6b138e980890f05409d0b3f2c63d44.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1890 12 KB
4 KB 27ms
26ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-8d6b138e980890f05409d0b3f2c63d44.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-8cc689a856a3bc3926f645f46674b564.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8c3392e876d4b5c778e0d0ae787502252e3353b59149063e1f6a1a85216cb9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-8cc689a856a3bc3926f645f46674b564.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
age: 16176
x-cache: HIT
content-length: 4424
x-request-id: cccd0dc1-c563-472b-9c85-75c9727eb88d
x-served-by: cache-hhn4036-HHN
last-modified: Wed, 28 Sep 2022 19:11:40 GMT
server: Fastly
etag: "13563263f55505d5822aae879d83b8c6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 259

POST
H2 200 csp-report
q.stripe.com/ Frame 103D 0
570 B 230ms
230ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 103D 0
570 B 231ms
230ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 103D 102 KB
31 KB 75ms
74ms Script
application/javascript 2a00:1450:400c:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b6b287ad42c36594d4c8f2985f78eef8.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f7fd72d7b53a6c582d8d7d139e813eeeacba5f8dadd49c7c677c5b8dc9d1ede

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-iupUvq9KwqqyB-5NZBnevw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-iupUvq9KwqqyB-5NZBnevw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 28 Sep 2022 23:53:06 GMT

GET
H2 200 shared-a46f9264c6add060c6e57f9e40ee9a79.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 103D 313 KB
72 KB 25ms
24ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b6b287ad42c36594d4c8f2985f78eef8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

22ab820eb0cd7499aae59462b183954b42e131fe1a6c34f7ba966a525d1ac3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b6b287ad42c36594d4c8f2985f78eef8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
age: 16803
x-cache: HIT
content-length: 73357
x-request-id: bcdb6f59-c76e-4cfc-86fb-5d45094c9650
x-served-by: cache-hhn4036-HHN
last-modified: Wed, 28 Sep 2022 19:11:41 GMT
server: Fastly
etag: "d3fe4828c610b5a43a36d22dac01f145"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1400

GET
H2 200 payment-request-inner-google-pay-4d3a79a80fbd89b2ea2ccf9a01f7c5d7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 103D 14 KB
5 KB 26ms
26ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-4d3a79a80fbd89b2ea2ccf9a01f7c5d7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b6b287ad42c36594d4c8f2985f78eef8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

024a435dcde1fb6677eb40f9dad2563e398d1b4725d423e9970e354c5de599ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b6b287ad42c36594d4c8f2985f78eef8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
age: 16058
x-cache: HIT
content-length: 4766
x-request-id: e2e442f5-8cae-41ee-a09f-77bf37aed264
x-served-by: cache-hhn4036-HHN
last-modified: Wed, 28 Sep 2022 19:11:40 GMT
server: Fastly
etag: "78f5d77dc033cc5f76ec923bd3dcd824"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 160

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 4130
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=60468439344711799202234423944978563302&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-aXynnh1E2pFZ7HUWcMEr20bFLoUHhOYjmNc-~A

42 B
942 B

128ms
128ms

Image
image/gif

54.77.143.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-aXynnh1E2pFZ7HUWcMEr20bFLoUHhOYjmNc-~A

Protocol

HTTP/1.1

Server

54.77.143.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-129.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v043-026e5207a.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: LpSN8uCXQ5Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0101.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-aXynnh1E2pFZ7HUWcMEr20bFLoUHhOYjmNc-~A
content-length: 0

GET
H/1.1 200
OK configuration Show response
api.braintreegateway.com/merchants/qzgr5rrzdz3xxy2z/client_api/v1/ 2 KB
2 KB 998ms
911ms Script
application/javascript 52.29.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.braintreegateway.com/merchants/qzgr5rrzdz3xxy2z/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2NjQ0OTU1ODUsImp0aSI6Ijc1NzBlOTEzLWEyMTgtNDE5Yi1iNzk2LWQ0MzhhOGJkNDY3MyIsInN1YiI6InF6Z3I1cnJ6ZHozeHh5MnoiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6InF6Z3I1cnJ6ZHozeHh5MnoiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.vEJ8zCNyY2SV9peulNy-2tfXRvNuOocaM9sJ0VP1WgAJGMdKhWKaiMFSh3uHzlqlyyL_pMpqiQy4Ugy5mQlAdA&callback=callback_json63adeb1eebd64599a79db2185b75692c

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.29.159.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-159-59.eu-central-1.compute.amazonaws.com

Software

Resource Hash

5212a690144cfd6015a4aadd083fc9c92fc30c68d0a0ecb971f6689b189bb815

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:07 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
Strict-Transport-Security: max-age=63072000; includeSubDomains
transfer-encoding: chunked
paypal-debug-id: e7985cbced7a4
X-XSS-Protection: 1; mode=block
x-request-id: 82d40a13-c01f-4114-bca0-23554f657f62
x-runtime: 0.570537
referrer-policy: strict-origin-when-cross-origin
etag: W/"604eeda17cf2bcd93c2ffad11cc46c00"
x-download-options: noopen
X-Frame-Options: SAMEORIGIN
vary: Accept-Encoding, Origin
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
X-BroxyId: 82d40a13-c01f-4114-bca0-23554f657f62

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 48ms
23ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=149912447208716&ev=Microdata&dl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&rl=&if=false&ts=1664409186236&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Classy%22%2C%22og%3Atype%22%3A%22website%22%2C%22twitter%3Acard%22%3A%22summary%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.classy.org%2F5866174%2Fd7993690-346d-11ed-aef7-0a58a9feac02.jpg%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fassets.classy.org%2F5866174%2Fd7993690-346d-11ed-aef7-0a58a9feac02.jpg%22%2C%22og%3Atitle%22%3A%22Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)%22%2C%22twitter%3Atitle%22%3A%22Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=2&o=30&fbp=fb.1.1664409185715.377112325&it=1664409185384&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Sep 2022 23:53:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 1489-8b86da401d493fc7478fbafda5019691.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EA18 231 KB
47 KB 24ms
23ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/1489-8b86da401d493fc7478fbafda5019691.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-e13b1b6df5ee090e31e2aa51dbd2cfc4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
age: 538778
x-cache: HIT
content-length: 47921
x-request-id: 02d0d6d1-946f-4d0b-a66a-36991c8407e7
x-served-by: cache-hhn4036-HHN
last-modified: Tue, 20 Sep 2022 13:38:28 GMT
server: Fastly
etag: "ab675b71d19378124fcdf3c0f6dad353"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 122646

GET
H2 200 phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EA18 2 KB
904 B 25ms
24ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-e13b1b6df5ee090e31e2aa51dbd2cfc4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
age: 538784
x-cache: HIT
content-length: 770
x-request-id: 869cd15b-d304-47d6-afe8-cb3fe18effb7
x-served-by: cache-hhn4036-HHN
last-modified: Mon, 12 Sep 2022 20:31:43 GMT
server: Fastly
etag: "f1717e2e478c68d16ccd7b37768700be"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 120996

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame EA18 474 B
397 B 24ms
23ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

638ff6daea170c8a6afd2c562d83b9c33f6d5824006f8d614afd0c23b40d4516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-820c8dd85e6368b82aac8345cb224b8a.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 50
x-cache: HIT
content-length: 297
x-request-id: 17e17ccd-f5d0-4077-8889-aa7a627d56c3
x-served-by: cache-hhn4071-HHN
last-modified: Wed, 28 Sep 2022 20:24:29 GMT
server: Fastly
etag: "56c8e5c977d8a9f828067a1d0092c78e"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 9979 2 KB
2 KB 28ms
28ms Other
text/html 2a00:1450:400c:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c06::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame 9979 153 KB
55 KB 76ms
25ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cbfd7db1a17809ae93d50b02f07ceee72087fdc371e2bc33f3bdbd4c1356f4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55285
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 02:27:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 16:21:21 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 290ms
38ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15699
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 23:53:06 GMT

GET
H2 200 tealium_collect.min.js Show response
tags.tiqcdn.com/libs/tealiumjs/latest/ 29 KB
11 KB 276ms
34ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/libs/tealiumjs/latest/tealium_collect.min.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3de8cfadcd96ac84bdf4981517cec0a39b7aa793fb5dab6c4b035aa2f867c619

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 16:24:11 GMT
server: AkamaiNetStorage
etag: "eab14d7208ffce32dad8dac3b47df4cb:1658334251.553043"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 10933
expires: Thu, 13 Oct 2022 23:53:06 GMT

GET
H2 200 ActivityServer.bs Show response
bs.serving-sys.com/Serving/ 1 KB
1 KB 28ms
25ms Script
text/html 52.29.114.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/ActivityServer.bs?cn=as&ActivityID=485783&rnd=232017.9474634343
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.114.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-114-196.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 70949dfacaeb3a260ae6b9c34f825e930053e26318837438b67b86e38cb781b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 583
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 28ms
26ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
etag: "eN3sxSgaav0x5wHLxGB1gQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 05 Oct 2022 23:53:06 GMT

GET
H/1.1 200
OK 44762 Show response
cdn.bttrack.com/universal/ 2 KB
3 KB 286ms
26ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bttrack.com/universal/44762
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 95fd59d301ce000ce5dcc1de36e8b8078c9ddece1223ddc35076e8163ed3a8c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 23:53:06 GMT
Cache-Control: max-age=669
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2374
X-HW: 1664409186.dop135.fr8.t,1664409186.cds055.fr8.shn,1664409186.dop135.fr8.t,1664409186.cds167.fr8.c
Content-Type: application/javascript; charset=utf-8

GET
H2 200 sync Show response
live.rezync.com/ 2 KB
3 KB 1988ms
1755ms Script
application/javascript 108.138.17.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=45488542c379a568cc7a47157fbaba2c&k=salvation-army-pixel-3674&zmpID=salvation-army&cache_buster=404158387
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-118.fra56.r.cloudfront.net
Software: lighttpd/1.4.59 /
Resource Hash: a434a767f0e06dfc3e663711627af363adeeb4ed4d3e9a2ccfe6b0f322cec83a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:08 GMT
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
server: lighttpd/1.4.59
x-amz-cf-pop: FRA56-P7
vary: Cookie
x-cache: Miss from cloudfront
content-type: application/javascript
content-length: 2055
x-amz-cf-id: d-Qk48MjzewxhX_pCqztP-kA2Lu9AYkTKrObu3nhoSx4UQfi3i2ErQ==

GET
H/1.1

200
OK

container.js Show response
tags.wdsvc.net/
Redirect Chain

https://tags.wdsvc.net/controller.js?id=100423
https://tags.wdsvc.net/container.js?id=100423&v=4.00&t=1664409186633

27 KB
27 KB

225ms
224ms

Script
text/javascript

34.193.169.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.wdsvc.net/container.js?id=100423&v=4.00&t=1664409186633
Protocol: HTTP/1.1
Server: 34.193.169.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-169-174.compute-1.amazonaws.com
Software: /
Resource Hash: 877bd1ebcdf00b492403d2cddaa66e9fa53b0391fab5f36d72f8a482a59ac69d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 23:53:06 GMT
Content-Type: text/javascript
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Content-length: 27302
Expires: Mon, 3 Jan 2005 13:00:00 GMT

Redirect headers

location: https://tags.wdsvc.net/container.js?id=100423&v=4.00&t=1664409186633
Date: Wed, 28 Sep 2022 23:53:06 GMT
Cache-Control: private, no-cache
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
26ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=245688401&t=pageview&_s=1&dl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1646469969.1664409184&tid=UA-51388709-1&_gid=1141622534.1664409184&gtm=2wg9q0PMXWH57&cd3=DONATE%3AUSS&z=960879464

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 00:41:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83505
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impression
b.videoamp.com/d2/a318dba2-27b2-11ec-bb7e-4189d3b56416/2380/ 42 B
312 B 360ms
119ms Image
image/gif 23.23.175.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.videoamp.com/d2/a318dba2-27b2-11ec-bb7e-4189d3b56416/2380/impression?dnt=false&vpxid=2380&bwb=35&us_privacy=&gtmcb=939538797
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.175.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-175-40.compute-1.amazonaws.com
Software: Beacon Server /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: Beacon Server
access-control-allow-headers: Content-Type
content-length: 42
content-type: image/gif

GET
H2 404 1023
bttrack.com/Pixel/Retarget/ 0
0 345ms
115ms Image
text/html 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/Pixel/Retarget/1023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 274ms
48ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=9vus3v7&ct=0:95naoge&fmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 TC-5193-1.gif
pt.ispot.tv/v2/ 43 B
313 B 248ms
22ms Image
image/gif 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-5193-1.gif?app=web&type=donation_start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 43
expires: 0

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 114ms
113ms Image
image/gif 54.164.251.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=2813334399136866&v=5311879168556329&s=2845814523641059&b=web&tv=4.0&sp=ts&sp=1664409185110&sp=d&sp=give.salvationarmyflorida.org&sp=h&sp=%2Fgive%2F180131%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition%26utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&pp=d&pp=give.salvationarmyflorida.org&pp=h&pp=%2Fgive%2F180131%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&pp=t&pp=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&pp=ts&pp=1664409185152&pp=pr&pp=%2Fgive%2F180131%2F&id0=4580798287416820&k0=environment&k0=prod&k0=organization_id&k0=50858&k0=campaign&k0=180131&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=page&k0=%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&k0=title&k0=Donation%20Page&k0=userAgent&k0=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.61%20Safari%2F537.36&k0=event_id&k0=1664409186.841274523054&k0=environment&k0=prod&k0=is_public&k0=true&t0=Page%20View&ts0=1664409186319&st=1664409186320

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.251.248 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-251-248.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 26ms
25ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=149912447208716&ev=ViewContent&dl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&rl=&if=false&ts=1664409186321&cd[content_name]=Donation%20Page&cd[content_url]=%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&sw=1600&sh=1200&v=2.9.84&r=stable&ec=3&o=30&fbp=fb.1.1664409185715.377112325&it=1664409185384&coo=false&eid=1664409186.841274523054&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Sep 2022 23:53:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 0 Show response
r.stripe.com/ Frame EA18 0
127 B 199ms
199ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame EA18 0
127 B 270ms
269ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame EA18 0
127 B 268ms
268ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame EA18 0
127 B 267ms
267ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame EA18 0
127 B 268ms
268ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame EA18 0
127 B 266ms
266ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame EA18 0
127 B 267ms
266ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame EA18 0
127 B 267ms
267ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 user
bttrack.com/dmp/adobe/ Frame 4130 35 B
77 B 330ms
117ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/dmp/adobe/user?dd_uuid=60468439344711799202234423944978563302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-servername: Track002-iad
pragma: no-cache
date: Wed, 28 Sep 2022 23:52:49 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
content-length: 35
expires: -1

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 57A3 18 KB
7 KB 293ms
92ms Document
text/html 2a00:1450:400c:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a91043cc610fb056ad6172b64c2c3fd0002f819a85ef6f11ac61d1694da99c4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-K1-PHqphsli1BWn3mAVtZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-K1-PHqphsli1BWn3mAVtZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy: same-site
date: Wed, 28 Sep 2022 23:53:06 GMT
expires: Wed, 28 Sep 2022 23:53:06 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=245688401&t=pageview&_s=8&dl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&dp=%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1646469969.1664409184&tid=UA-3837893-1&_gid=1141622534.1664409184&cd1=50858&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=180131&cd6=campaign&cd11=recurring%20optimization&z=1881448650

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 00:41:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83505
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
23ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=245688401&t=pageview&_s=2&dl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&dp=%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1646469969.1664409184&tid=UA-74191474-1&_gid=1141622534.1664409184&z=1928355123

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 00:41:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83505
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
498 B 190ms
189ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1664409186356&g=0&completeurl=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCF) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (frc/4CCF)
traceparent: 00-00000000000000000006f4bad562dcfe-f6c73bf10cb8b795-01
content-type: image/gif
paypal-debug-id: 6f4bad562dcfe
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=168
timing-allow-origin: *
content-length: 42
expires: Wed, 28 Sep 2022 23:53:06 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame EA18 0
127 B 238ms
238ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 rules-p-d5N1L76OG6H12.js Show response
rules.quantcount.com/ 5 KB
2 KB 616ms
431ms Script
application/javascript 2600:9000:223c:6c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-d5N1L76OG6H12.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c687f002a0d87094d86edf4516599487ddc3d9b4b3f61de0fb8dff17d52dd724

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:07 GMT
content-encoding: gzip
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Sun, 28 Aug 2022 08:06:46 GMT
server: AmazonS3
etag: W/"cd40537ae6a92d352e2e2543ad3ad99d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: ThCCkvXzVJaM_heq6Yg5IBePRKR_zDaL76kYZTc05vYswF1Ah_E7ew==

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BYS... Frame 9979 78 KB
28 KB 67ms
21ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BYSeSeqIH8M.L.B1.O/am=BwAB/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhifUF0uySky-ZMlUZ0kHB91Yf27g/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a7e4fd1cfb635e66f5b1328abe4e1e09ec92139193d0817ccb9266833aa31bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29000
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 19:28:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 16:21:22 GMT

GET
H2 200 s14699644537068 Show response
thesalvationarmy.sc.omtrdc.net/b/ss/tsa.global/10/JS-2.20.0/ 3 KB
3 KB 238ms
237ms Script
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thesalvationarmy.sc.omtrdc.net/b/ss/tsa.global/10/JS-2.20.0/s14699644537068?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=28%2F8%2F2022%2023%3A53%3A6%203%200&d.&nsid=0&jsonv=1&.d&sdid=50ACA371E415247C-6FB58A35D5FB4B12&mid=59904600191551561332290805667597808339&aamlh=6&ce=UTF-8&pageName=DONATE%3AUSS%7C180131%7CCampaign%20Donate&g=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23%21%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&cc=USD&ch=Donate&events=event5&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&v1=DONATE%3AUSS%7C180131%7CCampaign%20Donate&c2=give.salvationarmyflorida.org&c3=DONATE%3AUSS&v5=The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20%28TSM18aq%29%3A180131&c6=22&c9=VisitorAPI%20Present&c12=D%3Dmid&c15=donation&c16=D%3Dv31&c18=D%3Dv64&v21=false&v24=tsm-705%3A23ddjmadmfftdpr005%3Adm_acquisition%3Anull%3Anull&v30=The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20%28TSM18aq%29&v33=D%3Dmid&v64=D%3Dg&v66=undefined&v68=50858&v73=23ddjmadmfftdpr005%20%7C%20tsm_23_dm_acquisition&v78=D%3Dr&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=20A0289659302A7E0A495D28%40AdobeOrg&AQE=1

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

c40b742820bfa7a498ef2d9283159a8ad169e1277a8e62e8a17c3267cf971842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-aam-tid: 6jEWcZv3QmE=
date: Wed, 28 Sep 2022 23:53:06 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 3353
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v043-0e113b800.edge-irl1.demdex.com 3 ms
pragma: no-cache
last-modified: Thu, 29 Sep 2022 23:53:06 GMT
server: jag
etag: 3574291512174870528-4619891100496962128
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 27 Sep 2022 23:53:06 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4130
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXpUZVlRQUFBRU1XbndOLQ==

170 B
502 B

101ms
34ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXpUZVlRQUFBRU1XbndOLQ==

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn4053-HHN
pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664409186.456109,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXpUZVlRQUFBRU1XbndOLQ==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H2 204 collect Show response
n.clarity.ms/ 0
25 B 227ms
227ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://give.salvationarmyflorida.org
date: Wed, 28 Sep 2022 23:53:05 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 4130
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YzTeYQAAAEMWnwN-&expires=90

0
239 B

132ms
23ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YzTeYQAAAEMWnwN-&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-hhn4053-HHN
pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664409187.550980,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YzTeYQAAAEMWnwN-&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 9979 49 KB
19 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BYSeSeqIH8M.L.B1.O/am=BwAB/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhifUF0uySky-ZMlUZ0kHB91Yf27g/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:15:57 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 2229
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Thu, 29 Sep 2022 01:15:57 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 9979 1 MB
353 KB 87ms
87ms XHR
text/html 2a00:1450:400c:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c216f2a622555cb074045c0c33fdc6a8a3627c9a35d695f746572f6d18d73a1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Iuvdco4JwQYJznQjcO8-SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Iuvdco4JwQYJznQjcO8-SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 28 Sep 2022 23:53:06 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BYS... Frame 9979 18 KB
7 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BYSeSeqIH8M.L.B1.O/am=BwAB/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_r,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhifUF0uySky-ZMlUZ0kHB91Yf27g/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51e81f808cc75245f5973c3e873296566dcaabcc89c0a995b059f3fe5c0c048a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:21:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7423
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 19:28:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 16:21:25 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BYS... Frame 9979 37 KB
14 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BYSeSeqIH8M.L.B1.O/am=BwAB/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhifUF0uySky-ZMlUZ0kHB91Yf27g/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09a3a9427f1d1cc4b9287122bdc9b2f61daefa802c1892c529dfdce578e0245e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:21:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13973
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 19:28:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 16:21:25 GMT

POST
H3 200 log Show response
play.google.com/ Frame 9979 131 B
155 B 103ms
58ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 23:53:06 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 114ms
55ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Sep 2022 23:53:06 GMT
expires: Wed, 28 Sep 2022 23:53:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 9979 131 B
155 B 116ms
70ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 23:53:06 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 110ms
55ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Sep 2022 23:53:06 GMT
expires: Wed, 28 Sep 2022 23:53:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 9979 131 B
155 B 105ms
61ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 23:53:06 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 107ms
56ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Sep 2022 23:53:06 GMT
expires: Wed, 28 Sep 2022 23:53:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 9979 131 B
155 B 104ms
59ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 23:53:06 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 102ms
55ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Sep 2022 23:53:06 GMT
expires: Wed, 28 Sep 2022 23:53:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 9979 131 B
155 B 103ms
58ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 23:53:06 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 96ms
55ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Sep 2022 23:53:06 GMT
expires: Wed, 28 Sep 2022 23:53:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 t.tealium_collect.1_0_3.js Show response
tags.tiqcdn.com/shared/tms/ 3 KB
2 KB 25ms
24ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/shared/tms/t.tealium_collect.1_0_3.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e5a8709a1c978bbdee2606a42b713586496c904986d0cbbfbfdd6e82cb35abf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 13:13:30 GMT
server: AkamaiNetStorage
etag: "07cdf83c63e7e3c092d9bede300ece10:1656508410.841334"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1406
expires: Thu, 13 Oct 2022 23:53:06 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/827406829/ 3 KB
1 KB 124ms
78ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827406829/?random=1664409186640&cv=9&fst=1664409186640&num=1&label=pQ-wCLfl3IgBEO3zxIoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&auid=1671704503.1664409185&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c5a6330f49c3939198adebfb5d4044f3cbce610461c9fab2266965b6838b15f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1174
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/980170053/ 2 KB
1 KB 38ms
37ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/980170053/?random=1664409186641&cv=9&fst=1664409186641&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&auid=1671704503.1664409185&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

68849ac2087b3952eab5662576f0e496cb111e17c2918b169d0b0e9ac16652d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1466
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/982322407/ 3 KB
1 KB 91ms
49ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982322407/?random=1664409186645&cv=9&fst=1664409186645&num=1&label=9k2DCOyz2mEQ55m01AM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&auid=1671704503.1664409185&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9782bcb67136c1b667cf6e26334c5d1ce6cdf0adc943f5a36aef6f9cb5affd14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1169
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/590708955/ 3 KB
1 KB 122ms
81ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/590708955/?random=1664409186646&cv=9&fst=1664409186646&num=1&label=hCtRCP2T8t4BENuB1pkC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&auid=1671704503.1664409185&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92c592a62ae6dd6a943220b773a9ac314de7ef4748d742a4ddd1fb2264c431a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1171
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/982651947/ 3 KB
1 KB 88ms
46ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982651947/?random=1664409186646&cv=9&fst=1664409186646&num=1&label=y0JYCN-001cQq6jI1AM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&auid=1671704503.1664409185&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebc83275896774bb120f5d219e261de37dc5a8c39aa149b35adf350e16d6542e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1172
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/590768768/ 3 KB
1 KB 86ms
46ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/590768768/?random=1664409186647&cv=9&fst=1664409186647&num=1&label=7IbXCIKl594BEIDV2ZkC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&auid=1671704503.1664409185&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4846ed9fbf90b602b458049696c0d90b94b72f6654df98fd23f3eb1e3bc8ea24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1174
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/943988265/ 3 KB
1 KB 150ms
109ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/943988265/?random=1664409186647&cv=9&fst=1664409186647&num=1&label=OzLNCPWbgfwBEKm8kMID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&auid=1671704503.1664409185&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14aafae607f356d196722cc177fb050f4eb8d4b0471e002dc696460f2c99c1db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1173
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log Show response
play.google.com/ Frame 9979 131 B
155 B 103ms
59ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 23:53:06 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 65ms
56ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Sep 2022 23:53:06 GMT
expires: Wed, 28 Sep 2022 23:53:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 12EA 0
127 B 199ms
198ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 12EA 0
127 B 199ms
198ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 57A3 2 KB
2 KB 29ms
29ms Other
text/html 2a00:1450:400c:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c06::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame 57A3 153 KB
54 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cbfd7db1a17809ae93d50b02f07ceee72087fdc371e2bc33f3bdbd4c1356f4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55285
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 02:27:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 16:21:21 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4130
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YzTeYQAAAEMWnwN-
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YzTeYQAAAEMWnwN-&C=1

43 B
879 B

74ms
44ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YzTeYQAAAEMWnwN-&C=1
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlCuh1TdzPTb6omWjp6X3SGSWbS%2BJAgqj9MQYX8evZ6GwhlcKxtjycy6DABbkl014UBh%2BKG2RnRG6CjNmdo2%2FlmiIPa3hp1nwPvLmawDZ3n93GHk8U6UdlaLJslNqMudkmyEPmXVJ35qXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 75206589efdb9043-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhGHi%2F15WbmJRrFyOszuBxH1QK5fkmY0BRgUQQN6GwuVKqM8qCVfA6fwGDsvRXBG%2FqDt3L3FKCzPYa2wm%2BrVCI7huXvTkI1VXEej08dU2SllT%2Bkg9QdYFVimJKVo5XuyEi8DToRx7vIYQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=88&external_user_id=YzTeYQAAAEMWnwN-&C=1
cache-control: no-cache
cf-ray: 752065894b86bbe6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

POST
H2 200 log Show response
play.google.com/ Frame 9979 131 B
672 B 114ms
61ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 23:53:06 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 12EA 0
127 B 199ms
199ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 12EA 0
127 B 198ms
198ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 12EA 0
127 B 199ms
198ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 113ms
111ms Image
image/gif 54.164.251.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=2813334399136866&v=5311879168556329&s=2845814523641059&b=web&tv=4.0&sp=ts&sp=1664409185110&sp=d&sp=give.salvationarmyflorida.org&sp=h&sp=%2Fgive%2F180131%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition%26utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&pp=d&pp=give.salvationarmyflorida.org&pp=h&pp=%2Fgive%2F180131%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&pp=t&pp=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&pp=ts&pp=1664409185152&pp=pr&pp=%2Fgive%2F180131%2F&id0=6071249590195402&k0=environment&k0=prod&k0=organization_id&k0=50858&k0=campaign&k0=180131&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&k0=event_id&k0=1664409187.417828620596&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1664409186680&st=1664409186680

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.251.248 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-251-248.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 GooglePay-logo.svg
give.salvationarmyflorida.org/static/global/images/digitalWallets/ 3 KB
1 KB 435ms
433ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.salvationarmyflorida.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/give/180131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Sep 2022 21:59:44 GMT
server: cloudflare
etag: W/"632cdad0-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 75206588d905bbb6-FRA
expires: Thu, 28 Sep 2023 23:53:07 GMT

POST
H2 200 i.gif Show response
collect.tealiumiq.com/salvationarmy/sal-donate/2/ 43 B
781 B 88ms
24ms XHR
image/gif 3.64.233.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.tealiumiq.com/salvationarmy/sal-donate/2/i.gif
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.233.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-233-235.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryhzsUYMkgJBtBw3in

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
x-serverid: uconnect_i-06a066731f3702170
x-tid: 51838684b14202546972475300225327361c96b9af0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: salvationarmy:sal-donate:2:datacloud
x-region: eu-central-1
content-length: 43
pragma: no-cache
x-did: 51838684b14202546972475300225327361c96b9af0
vary: Origin
content-type: image/gif
access-control-allow-origin: https://give.salvationarmyflorida.org
x-ulver: b0f40a8afca5e49acee901e7a2d5fa49565f3e17-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: 0f29621c-0da4-4a9b-a0e1-2637993753a4
expires: Wed, 28 Sep 2022 23:53:06 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/980170053/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/980170053/?random=1524290118&cv=9&fst=1664409186641&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&...
https://www.google.com/pagead/1p-conversion/980170053/?random=1524290118&cv=9&fst=1664409186641&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
https://www.google.de/pagead/1p-conversion/980170053/?random=1524290118&cv=9&fst=1664409186641&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...

42 B
64 B

42ms
40ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/980170053/?random=1524290118&cv=9&fst=1664409186641&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&auid=1671704503.1664409185&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEFJOE9IUG1RWVF2N0wzcTdiRHZ1UURFaVlBdEVfa2VlTFFLTENuMGNZVFliQU1HMWYtS1NIajdyYTAzZk52dmNMUnFRbk44OW04c1EaWkNoRUk4T0hQbVFZUXpwaXp5b2JncjZqakFSSXVBTGpvWGhNRXZXcV9CWHdIWGw4eS1vOVpLQ1poVXpEVEptZVA1SGloSmw4Q1NRcjJMeFlGNlNJOU90Mkh1QQ&is_vtc=1&ocp_id=Yt40Y7adKJDH1waj-ICIAg&cid=CAQSKQCsnQUxavmCEC1HgLf4mZxiv248ciPCVii9wBjcbC8WVRujvhBco_byIBM&eitems=ChAI8OHPmQYQhbSF3fWfpZMtEh0AAfi3fKr3ULF5ApVEFlJkkU5A3KWVHH2TsNQU6w&random=1477087207&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hCo9cLSeFOCvB6lawr5Hpm5a5lf_BUjJSaiVM0oMpGG37c3PRB0ye9tNbc2m9H-HvKX6goiC33ObYnsU4sqyFCW

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/980170053/?random=1524290118&cv=9&fst=1664409186641&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&auid=1671704503.1664409185&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEFJOE9IUG1RWVF2N0wzcTdiRHZ1UURFaVlBdEVfa2VlTFFLTENuMGNZVFliQU1HMWYtS1NIajdyYTAzZk52dmNMUnFRbk44OW04c1EaWkNoRUk4T0hQbVFZUXpwaXp5b2JncjZqakFSSXVBTGpvWGhNRXZXcV9CWHdIWGw4eS1vOVpLQ1poVXpEVEptZVA1SGloSmw4Q1NRcjJMeFlGNlNJOU90Mkh1QQ&is_vtc=1&ocp_id=Yt40Y7adKJDH1waj-ICIAg&cid=CAQSKQCsnQUxavmCEC1HgLf4mZxiv248ciPCVii9wBjcbC8WVRujvhBco_byIBM&eitems=ChAI8OHPmQYQhbSF3fWfpZMtEh0AAfi3fKr3ULF5ApVEFlJkkU5A3KWVHH2TsNQU6w&random=1477087207&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hCo9cLSeFOCvB6lawr5Hpm5a5lf_BUjJSaiVM0oMpGG37c3PRB0ye9tNbc2m9H-HvKX6goiC33ObYnsU4sqyFCW
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BYS... Frame 57A3 78 KB
28 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a7e4fd1cfb635e66f5b1328abe4e1e09ec92139193d0817ccb9266833aa31bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29000
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 19:28:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 16:21:22 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/590768768/ 42 B
64 B 43ms
43ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/590768768/?random=1664409186647&cv=9&fst=1664406000000&num=1&label=7IbXCIKl594BEIDV2ZkC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&cid=CAQSKQCsnQUxXuJujcrhVVKgv1rIs2Y8K6hwtiSPV9Zf9l9cWddMT4VIEeExIBM&random=3257036244&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/590768768/ 42 B
64 B 36ms
34ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/590768768/?random=1664409186647&cv=9&fst=1664406000000&num=1&label=7IbXCIKl594BEIDV2ZkC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&cid=CAQSKQCsnQUxXuJujcrhVVKgv1rIs2Y8K6hwtiSPV9Zf9l9cWddMT4VIEeExIBM&random=3257036244&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/982651947/ 42 B
64 B 42ms
41ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/982651947/?random=1664409186646&cv=9&fst=1664406000000&num=1&label=y0JYCN-001cQq6jI1AM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&cid=CAQSKQCsnQUxSbsaH7uF1W1XcykklwzYQQ_HvvIqNa7KkVSzR1w0srvhOpivIBM&random=1193877159&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/982651947/ 42 B
64 B 37ms
36ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/982651947/?random=1664409186646&cv=9&fst=1664406000000&num=1&label=y0JYCN-001cQq6jI1AM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&cid=CAQSKQCsnQUxSbsaH7uF1W1XcykklwzYQQ_HvvIqNa7KkVSzR1w0srvhOpivIBM&random=1193877159&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/982322407/ 42 B
64 B 74ms
73ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/982322407/?random=1664409186645&cv=9&fst=1664406000000&num=1&label=9k2DCOyz2mEQ55m01AM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&cid=CAQSKQCsnQUxWiafwMI1Vx5BawaUd1UGgTiLYw_mU8ULju5cYPOv0woi9f9PIBM&random=2468379866&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/982322407/ 42 B
64 B 34ms
34ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/982322407/?random=1664409186645&cv=9&fst=1664406000000&num=1&label=9k2DCOyz2mEQ55m01AM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&cid=CAQSKQCsnQUxWiafwMI1Vx5BawaUd1UGgTiLYw_mU8ULju5cYPOv0woi9f9PIBM&random=2468379866&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 57A3 49 KB
19 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BYSeSeqIH8M.L.B1.O/am=BwAB/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhifUF0uySky-ZMlUZ0kHB91Yf27g/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:15:57 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 2229
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Thu, 29 Sep 2022 01:15:57 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 57A3 1 MB
353 KB 94ms
94ms XHR
text/html 2a00:1450:400c:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07e25798a39735234081ef58366d993aea5968f41073491cc234566c8cf021eb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-_CwMyHUipdiZZmDi3-aRcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-_CwMyHUipdiZZmDi3-aRcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 28 Sep 2022 23:53:06 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 4130
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YzTeYQAAAEMWnwN-
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYzTeYQAAAEMWnwN-

43 B
1 KB

26ms
26ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYzTeYQAAAEMWnwN-

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 23:53:06 GMT
AN-X-Request-Uuid: 1b6be635-5506-49ed-8869-a99e596acaa2
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 23:53:06 GMT
AN-X-Request-Uuid: d11412f9-312f-46bc-83cf-5626f89ea343
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYzTeYQAAAEMWnwN-
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/827406829/ 42 B
64 B 42ms
41ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/827406829/?random=1664409186640&cv=9&fst=1664406000000&num=1&label=pQ-wCLfl3IgBEO3zxIoD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&cid=CAQSKQCsnQUxQLBGXTWht9oYkRqggHQKnCQMkxpBZeY45t6EMzaxFztT3OPRIBM&random=925482397&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/827406829/ 42 B
64 B 38ms
36ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/827406829/?random=1664409186640&cv=9&fst=1664406000000&num=1&label=pQ-wCLfl3IgBEO3zxIoD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&cid=CAQSKQCsnQUxQLBGXTWht9oYkRqggHQKnCQMkxpBZeY45t6EMzaxFztT3OPRIBM&random=925482397&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/590708955/ 42 B
64 B 40ms
39ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/590708955/?random=1664409186646&cv=9&fst=1664406000000&num=1&label=hCtRCP2T8t4BENuB1pkC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&cid=CAQSKQCsnQUx1-dDszxS7UEKvV86TKfOIkdSPAAgWVPEBceGsYuTvhM9fCiAIBM&random=1320481438&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/590708955/ 42 B
64 B 57ms
57ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/590708955/?random=1664409186646&cv=9&fst=1664406000000&num=1&label=hCtRCP2T8t4BENuB1pkC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&cid=CAQSKQCsnQUx1-dDszxS7UEKvV86TKfOIkdSPAAgWVPEBceGsYuTvhM9fCiAIBM&random=1320481438&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BYS... Frame 57A3 18 KB
7 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BYSeSeqIH8M.L.B1.O/am=BwAB/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_r,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhifUF0uySky-ZMlUZ0kHB91Yf27g/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51e81f808cc75245f5973c3e873296566dcaabcc89c0a995b059f3fe5c0c048a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:21:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7423
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 19:28:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 16:21:25 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BYS... Frame 57A3 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BYSeSeqIH8M.L.B1.O/am=BwAB/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhifUF0uySky-ZMlUZ0kHB91Yf27g/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09a3a9427f1d1cc4b9287122bdc9b2f61daefa802c1892c529dfdce578e0245e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:21:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13973
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 19:28:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 16:21:25 GMT

POST
H3 200 log Show response
play.google.com/ Frame 57A3 131 B
155 B 59ms
58ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 23:53:06 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 103ms
56ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Sep 2022 23:53:06 GMT
expires: Wed, 28 Sep 2022 23:53:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 57A3 131 B
155 B 59ms
57ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 23:53:06 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 98ms
56ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Sep 2022 23:53:06 GMT
expires: Wed, 28 Sep 2022 23:53:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 57A3 131 B
155 B 60ms
59ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 23:53:06 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 94ms
57ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Sep 2022 23:53:06 GMT
expires: Wed, 28 Sep 2022 23:53:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 57A3 131 B
155 B 59ms
58ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 23:53:06 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 88ms
57ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Sep 2022 23:53:06 GMT
expires: Wed, 28 Sep 2022 23:53:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 57A3 131 B
155 B 59ms
58ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 23:53:06 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 87ms
58ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Sep 2022 23:53:06 GMT
expires: Wed, 28 Sep 2022 23:53:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 57A3 131 B
155 B 61ms
60ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 23:53:06 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 78ms
58ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Sep 2022 23:53:06 GMT
expires: Wed, 28 Sep 2022 23:53:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EA18 0
127 B 217ms
217ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame EA18 0
127 B 216ms
216ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 /
www.google.com/pagead/1p-user-list/943988265/ 42 B
64 B 73ms
72ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/943988265/?random=1664409186647&cv=9&fst=1664406000000&num=1&label=OzLNCPWbgfwBEKm8kMID&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&cid=CAQSKQCsnQUxjNvUtRnsVO22pglTXS7p0s4N8f04mzMNBukHw5WkMuOWmwUOIBM&random=425663033&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/943988265/ 42 B
64 B 36ms
35ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/943988265/?random=1664409186647&cv=9&fst=1664406000000&num=1&label=OzLNCPWbgfwBEKm8kMID&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F&tiba=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&async=1&fmt=3&is_vtc=1&cid=CAQSKQCsnQUxjNvUtRnsVO22pglTXS7p0s4N8f04mzMNBukHw5WkMuOWmwUOIBM&random=425663033&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame EA18 0
127 B 211ms
211ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 113ms
112ms Image
image/gif 54.164.251.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=2813334399136866&v=5311879168556329&s=2845814523641059&b=web&tv=4.0&sp=ts&sp=1664409185110&sp=d&sp=give.salvationarmyflorida.org&sp=h&sp=%2Fgive%2F180131%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition%26utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&pp=d&pp=give.salvationarmyflorida.org&pp=h&pp=%2Fgive%2F180131%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&pp=t&pp=Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)&pp=ts&pp=1664409185152&pp=pr&pp=%2Fgive%2F180131%2F&id0=8539620667811806&k0=environment&k0=prod&k0=organization_id&k0=50858&k0=campaign&k0=180131&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&k0=event_id&k0=1664409187.738299657396&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1664409186839&st=1664409186840

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.251.248 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-251-248.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H3 200 log Show response
play.google.com/ Frame 57A3 131 B
155 B 58ms
58ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.iHZokRPnOYI.es5.O/am=BwAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgztWpOLSIqY0htkDzC0PziRio-cg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 23:53:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 23:53:06 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4130
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YzTeYQAAAEMWnwN-

43 B
273 B

84ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YzTeYQAAAEMWnwN-
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-hhn4053-HHN
pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664409187.871444,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YzTeYQAAAEMWnwN-
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK / Show response
tags.wdsvc.net/tpc-eval/ 21 B
284 B 111ms
111ms Script
text/javascript 34.193.169.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.wdsvc.net/tpc-eval/?lid=1838684b1c2-tags4-6dca9d0deaa29
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.193.169.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-169-174.compute-1.amazonaws.com
Software: /
Resource Hash: b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 23:53:06 GMT
Content-Type: text/javascript
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Content-length: 21
Expires: Mon, 3 Jan 2005 13:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 4130
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YzTeYQAAAEMWnwN-

0
225 B

131ms
35ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YzTeYQAAAEMWnwN-
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 28 Sep 2022 23:53:07 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-hhn4053-HHN
pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664409187.972054,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YzTeYQAAAEMWnwN-
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 pixel
pxl.qccerttest.com/ 35 B
550 B 84ms
21ms Image
image/gif 2600:9000:223d:6000:11:615:7240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pxl.qccerttest.com/pixel?r=1351849158;fpan=1;fpa=P0-371118956-1664409186983;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=salvationarmyflorida.org;dst=0;et=1664409186983;tzo=0;url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition;ogl=site_name.Classy%2Ctype.website%2Curl.https%3A%2F%2Fgive%252Esalvationarmyflorida%252Eorg%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_sourc%2Cimage.https%3A%2F%2Fassets%252Eclassy%252Eorg%2F5866174%2Fd7993690-346d-11ed-aef7-0a58a9feac02%252Ejpg%2Ctitle.Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:6000:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 02:01:57 GMT
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 78671
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
server: AmazonS3
etag: "55d25e9dc950d5db4d53a3b195c046c6"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/gif
accept-ranges: bytes
x-amz-cf-id: nmpwx_ZcoppdGFJjX_oHMgDl04i8rIhaTgf3---Vb_YEX_P65YndJQ==

GET
H2 200 pixel;r=1643581262;labels=_fp.event.Default;rf=0;a=p-d5N1L76OG6H12;url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3...
pixel.quantserve.com/ 35 B
378 B 24ms
23ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1643581262;labels=_fp.event.Default;rf=0;a=p-d5N1L76OG6H12;url=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition;uht=2;fpan=0;fpa=P0-371118956-1664409186983;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=salvationarmyflorida.org;dst=0;et=1664409186986;tzo=0;ogl=site_name.Classy%2Ctype.website%2Curl.https%3A%2F%2Fgive%252Esalvationarmyflorida%252Eorg%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Futm_sourc%2Cimage.https%3A%2F%2Fassets%252Eclassy%252Eorg%2F5866174%2Fd7993690-346d-11ed-aef7-0a58a9feac02%252Ejpg%2Ctitle.Donate%20to%20The%20Salvation%20Army%20in%20Miami%20Fundraising%20Mail%20(TSM18aq);ses=37dae85b-1035-456f-9bac-1f0d5716a279

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 4130
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YzTeYQAAAEMWnwN-&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YzTeYQAAAEMWnwN-&img=1&__user_check__=1&sync_id=b328b427-3f88-11ed-ad45-14e583300206

43 B
548 B

31ms
30ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YzTeYQAAAEMWnwN-&img=1&__user_check__=1&sync_id=b328b427-3f88-11ed-ad45-14e583300206
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 23:53:07 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 11
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 28 Sep 2022 23:53:07 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=6409&uid=YzTeYQAAAEMWnwN-&img=1&__user_check__=1&sync_id=b328b427-3f88-11ed-ad45-14e583300206
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 116
Connection: keep-alive
Content-Length: 0

GET
H3

200

b.php
www.facebook.com/fr/ Frame 4130
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YzTeYQAAAEMWnwN-&t=2592000&o=0

43 B
70 B

53ms
53ms

Image
image/gif

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YzTeYQAAAEMWnwN-&t=2592000&o=0

Protocol

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:53:07 PDT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: XBaelEgmmbderJKsEKgIUD4Q/KzWL/fyab46ABaqpNcf1cN1PPdxiVVpp+99gjKMoxtl4yI6rB/OCfiyUeMrMQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
cache-control: public, max-age=0
priority: u=3,i
expires: Wed, 28 Sep 2022 16:53:07 PDT

Redirect headers

x-served-by: cache-hhn4053-HHN
pragma: no-cache
date: Wed, 28 Sep 2022 23:53:07 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664409187.173470,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YzTeYQAAAEMWnwN-&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 96ms
22ms Script
application/x-javascript 2600:9000:223c:1c00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1c00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:21:30 GMT
content-encoding: gzip
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
last-modified: Wed, 28 Sep 2022 23:21:20 GMT
server: Jetty(9.3.29.v20201019)
x-amz-cf-pop: FRA56-P2
age: 1898
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: B8HzooWKTdcyazVg1rHRewKHAlublWDOVSN0HCou8MhWLZH8DNjHOA==
expires: Thu, 29 Sep 2022 00:21:30 GMT

GET
H/1.1 200
OK p13n.min.js Show response
cdn.boomtrain.com/p13n/salvation-army/ 78 KB
25 KB 92ms
24ms Script
application/javascript 108.138.7.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.boomtrain.com/p13n/salvation-army/p13n.min.js
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-42.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f612efd4f37758eacb84700835d693dbb1387d18a02f8dd11c9de54ed007c4a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: igGThBgQqpXFJ0yfjhVV6TiFjNQZlmVU
Content-Encoding: gzip
Via: 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
Date: Wed, 28 Sep 2022 23:49:17 GMT
X-Amz-Cf-Pop: FRA56-P6
Age: 629
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 08:20:30 GMT
Server: AmazonS3
ETag: W/"724e90b3eb61442324db4f3986ebd931"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
X-Amz-Cf-Id: vukUKscX6tL4PO25wAtDTasTcd3t-oI-23VT0_5yjI7rhH7olllP-Q==

GET
H/1.1 200
OK ca.html Show response
20841493p.rfihub.com/ Frame 3C61 3 KB
4 KB 170ms
38ms Document
text/html 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20841493p.rfihub.com/ca.html?ver=9&rb=46794&ca=20841493&_o=46794&_t=20841493&pe=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23%21%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%26c_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition&pf=&ra=12214400446620033
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: c6485cc465737580ebcfc7ae4afaa2aa90ff79f4b0b241962599ce24c2027868

Request headers

Referer: https://give.salvationarmyflorida.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2820
Content-Type: text/html;charset=utf-8
Date: Wed, 28 Sep 2022 23:53:08 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.3.29.v20201019)

GET
H/1.1 200
OK resolve Show response
people.api.boomtrain.com/identify/ 148 B
463 B 461ms
125ms XHR
application/json 54.81.23.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiODk4NDI0OTAtNzI3NS00MWVkLWJkNjgtOTZkNGQ0NTg4YjFlOjE2NjQ0MDkxODguMDU4MjMzIn19&site_id=salvation-army
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.81.23.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-23-211.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 40761077acc4185a26551c3041b3381cde4aa9c5e86efc9d4afb92cb7d0c0e5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 23:53:08 GMT
Server: nginx
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length: 148

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 3C61
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzNDQ1NTQxOTMyNjE0MzgxMg==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOObIUedsd3Id4dY2FTHhpY&google_cver=1

42 B
1007 B

351ms
31ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOObIUedsd3Id4dY2FTHhpY&google_cver=1
Protocol: HTTP/1.1
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 28 Sep 2022 23:53:09 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOObIUedsd3Id4dY2FTHhpY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK setuid
ib.adnxs.com/ Frame 3C61 43 B
1 KB 27ms
25ms Image
image/gif 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=5134455419326143812

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 23:53:08 GMT
AN-X-Request-Uuid: 5d716e30-017e-4c7e-b4cf-b51d5e2883aa
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 3C61 0
239 B 26ms
24ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5134455419326143812&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK ibs:dpid=1121&dpuuid=5134455419326143812&redir=
dpm.demdex.net/ Frame 3C61 42 B
942 B 131ms
128ms Image
image/gif 54.77.143.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5134455419326143812&redir=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.143.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-129.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v043-0351fab3a.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: iN71BowbTZo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 3C61
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5134455419326143812&bid=omt9pi0

0
344 B

253ms
25ms

Image
text/plain

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5134455419326143812&bid=omt9pi0
Protocol: HTTP/1.1
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 23:53:09 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5134455419326143812&bid=omt9pi0
Date: Wed, 28 Sep 2022 23:53:08 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame 3C61 45 B
617 B 108ms
47ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5134455419326143812

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 28 Sep 2022 23:53:08 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Wed, 28 Sep 2022 23:53:08 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame 3C61 0
104 B 27ms
25ms Image
text/plain 52.29.114.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.114.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-114-196.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:08 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame 3C61
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455419326143812&referrer=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23%21%2Fdonation%2Fcheckout%3Futm_so...
https://p.rfihub.com/cm?pub=39342&in=0&userid=89842490-7275-41ed-bd68-96d4d4588b1e%3A1664409188.058233&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D89842490-7275-41ed-bd68-96d4d458...
https://idsync.rlcdn.com/501709.gif?partner_uid=89842490-7275-41ed-bd68-96d4d4588b1e%3A1664409188.058233

0
9 B

78ms
31ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=89842490-7275-41ed-bd68-96d4d4588b1e%3A1664409188.058233
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

Location: https://idsync.rlcdn.com/501709.gif?partner_uid=89842490-7275-41ed-bd68-96d4d4588b1e%3A1664409188.058233
Date: Wed, 28 Sep 2022 23:53:08 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 3C61 43 B
109 B 537ms
170ms Image
image/gif 3.94.157.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5134455419326143812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.157.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-157-102.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:09 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H3 200 rum
dsum-sec.casalemedia.com/ Frame 3C61 43 B
844 B 42ms
40ms Image
image/gif 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455419326143812&forward=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvNOGKlsqj7byQJ8ciNcHZwFgWmiSSivZRjUAU5Bs0EDmQ1xGTI8uYPXhSLBUDivr%2FTTwrqkbjs7%2FX5iBIF75W9StBLem3kIMGMrLFv7SF6kqaIZdXuqFkZiwgMsGujkEerf9zNfxfX35g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 75206594df649043-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame 3C61 0
98 B 87ms
31ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5134455419326143812
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:53:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 3C61 43 B
191 B 239ms
169ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5134455419326143812

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-160-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Wed, 28 Sep 2022 23:53:08 GMT
pragma: no-cache
date: Wed, 28 Sep 2022 23:53:08 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H/1.1 200 partner
sync.search.spotxchange.com/ Frame 3C61 43 B
549 B 32ms
30ms Image
image/gif 185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5134455419326143812&img=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 23:53:08 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 137
Connection: keep-alive
Content-Length: 43

GET
H2 200 sync
partners.tremorhub.com/ Frame 3C61 43 B
183 B 474ms
108ms Image
image/gif 2600:1f18:612b:4216:319:ee2:5022:1df1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5134455419326143812&r=XFk31bMIqnhz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:319:ee2:5022:1df1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 28 Sep 2022 23:53:09 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 3C61 43 B
377 B 386ms
46ms Image
image/gif 54.171.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5134455419326143812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.98.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-98-27.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 23:53:08 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 3C61 0
338 B 384ms
46ms Image
text/plain 54.77.178.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5134455419326143812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.178.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-178-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-served-by: beacon-n018-dub-prod.krxd.net
date: Wed, 28 Sep 2022 23:53:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1664409188
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 3C61
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455419326143812&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5134455419326143812&expires=30

43 B
510 B

127ms
127ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5134455419326143812&expires=30
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 23:53:09 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5134455419326143812&expires=30
Date: Wed, 28 Sep 2022 23:53:09 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 3C61
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://p.rfihub.com/cm?in=1&pub=21653&userid=YzTeYQAAAEMWnwN-

42 B
979 B

84ms
33ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=YzTeYQAAAEMWnwN-
Protocol: HTTP/1.1
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841493p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 28 Sep 2022 23:53:08 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-hhn4053-HHN
pragma: no-cache
date: Wed, 28 Sep 2022 23:53:08 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664409189.701119,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=YzTeYQAAAEMWnwN-
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H2 204 collect Show response
n.clarity.ms/ 0
48 B 113ms
113ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://give.salvationarmyflorida.org
date: Wed, 28 Sep 2022 23:53:08 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

POST
H/1.1 200
OK post-log Show response
tags.wdsvc.net/ 0
448 B 112ms
111ms XHR
text/html 34.193.169.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.wdsvc.net/post-log?v=4.00&t=1664409186756
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.193.169.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-169-174.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://give.salvationarmyflorida.org
Date: Wed, 28 Sep 2022 23:53:08 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=5
Content-length: 0
Content-Type: text/html

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
260 B 48ms
48ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=xuf5w5o&ct=0:rfvwn43&fmt=3&td1=1838684b1c2-tags4-6dca9d0deaa29
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Sep 2022 23:53:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
260 B 49ms
48ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=xuf5w5o&ct=0:v2n629k&fmt=3&orderid=&vf=&v=&td1=1838684b1c2-tags4-6dca9d0deaa29
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Sep 2022 23:53:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
260 B 49ms
49ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=xuf5w5o&ct=0:7dypodn&fmt=3&orderid=&vf=&v=&td1=1838684b1c2-tags4-6dca9d0deaa29
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Sep 2022 23:53:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET ProximaNova-Bold-webfont.ttf
479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com/ 0
0

POST
H2 200 6 Show response
m.stripe.com/ Frame 3CC2 156 B
522 B 208ms
207ms XHR
application/json 52.41.97.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.41.97.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-41-97-242.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6afffc9c663281b8ceadfb865ed184da506ec44f281f639e188bdcacfe012a29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 23:53:09 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 trusted-types-checker-b31b0d3b211d1247a37e6120682932ed.js Show response
js.stripe.com/v3/fingerprinted/js/ 174 B
275 B 23ms
23ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-b31b0d3b211d1247a37e6120682932ed.js

Requested by

Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

79db4d79a6e53e3aa9b5703a1156cc9accef42d4d3d31b5019d2eabf216fa751

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.salvationarmyflorida.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 23:53:10 GMT
via: 1.1 varnish
age: 538756
x-cache: HIT
content-length: 119
x-request-id: 26b90fbe-a2a3-47d2-81d7-18c1020a0322
x-served-by: cache-hhn4036-HHN
last-modified: Tue, 06 Sep 2022 18:34:38 GMT
server: Fastly
etag: "5cbd8f0579eb735eea933bbd78b29553"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 49623

POST
H2 200 0 Show response
r.stripe.com/ Frame 12EA 0
127 B 199ms
199ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a46f9264c6add060c6e57f9e40ee9a79.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 28 Sep 2022 23:53:11 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 204 collect Show response
n.clarity.ms/ 0
48 B 114ms
112ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: give.salvationarmyflorida.org
URL: https://give.salvationarmyflorida.org/give/180131/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.salvationarmyflorida.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://give.salvationarmyflorida.org
date: Wed, 28 Sep 2022 23:53:11 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com
URL: https://479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com/ProximaNova-Bold-webfont.woff

Domain: 479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com
URL: https://479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com/ProximaNova-Bold-webfont.ttf

Verdicts & Comments Add Verdict or Comment

314 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

106 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 06:21:35	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
give.salvationarmyflorida.org/	1970-01-20 15:56:09	Name: connect.sid Value: s%3At-XTHV7p1dK_IxqGTzi4b_GxI4ujlN20.seRvTrKCXGvY7Bx0X4mrPyHqYGSIj0fzPi6Et9lNU7M
.give.salvationarmyflorida.org/	1970-01-20 06:20:10	Name: __cf_bm Value: zHFldsBOBl861nF3s.0jpTANvzoOaAHyUBs2elIAFVI-1664409183-0-AcEx3W7FUt+9IMkIeijdcQqSdcNw+AUKF3sYKYr9eddn3L8Zq/AAjWPvfb/OPC+5T8UddL+gLjBZMosgWPXsgMY=
.give.salvationarmyflorida.org/	1969-12-31 23:59:59	Name: __cfruid Value: 27ab1e85fbca45eb119392957223c4c4f88b2efc-1664409183
.classy.org/	1970-01-20 06:20:10	Name: __cf_bm Value: GHpJBL3R8j8F17UaX6_biVI4O6v0EdOCRgpOhqqvoSQ-1664409183-0-AU0sjibNbATJyoK5ta7NtpxG7AHo0lXVr116aaecbHOH4TtNAqIVzQFOcTAICpkClzy+OYIccWaaSe3nGaPeQGs=
.salvationarmyflorida.org/	1970-01-20 15:56:09	Name: _ga Value: GA1.2.1646469969.1664409184
.salvationarmyflorida.org/	1970-01-20 06:21:35	Name: _gid Value: GA1.2.1141622534.1664409184
.salvationarmyflorida.org/	1970-01-20 08:29:45	Name: _gcl_au Value: 1.1.1671704503.1664409185
.salvationarmyflorida.org/	1970-01-20 06:20:09	Name: _gat_UA-51388709-1 Value: 1
.bing.com/	1970-01-20 15:41:45	Name: MUID Value: 10FF6B6F259161FB0FB67942241A60D4
give.salvationarmyflorida.org/	1970-01-20 06:40:18	Name: c_src Value: %7B%22180131%22%3A%5B%7B%22c_src%22%3A%2223ddjmadmfftdpr005%22%2C%22c_src2%22%3A%22tsm_23_dm_acquisition%22%2C%22referrer%22%3A%22%22%2C%22timestamp%22%3A1664409184665%7D%5D%7D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ITXxxiREMTM
.youtube.com/	1970-01-20 10:39:21	Name: VISITOR_INFO1_LIVE Value: 5hTbqi4s6qA
.salvationarmyflorida.org/	1970-01-20 06:20:09	Name: _gat_classyTrack Value: 1
.salvationarmyflorida.org/	1970-01-20 06:20:09	Name: _gat_clientTrack Value: 1
.demdex.net/	1970-01-20 10:39:21	Name: demdex Value: 60468439344711799202234423944978563302
.salvationarmyflorida.org/	1970-01-20 15:48:06	Name: _hp2_id.1566116007 Value: %7B%22userId%22%3A%222813334399136866%22%2C%22pageviewId%22%3A%225311879168556329%22%2C%22sessionId%22%3A%222845814523641059%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.salvationarmyflorida.org/	1970-01-20 15:48:06	Name: _hp2_props.1566116007 Value: %7B%22environment%22%3A%22prod%22%2C%22organization_id%22%3A50858%2C%22payment_processor%22%3Anull%2C%22campaign%22%3A180131%2C%22campaign_type%22%3A%22donation%22%2C%22duplicate_fundraisers%22%3Afalse%2C%22existing_fundraiser%22%3Afalse%7D
.salvationarmyflorida.org/	1969-12-31 23:59:59	Name: AMCVS_20A0289659302A7E0A495D28%40AdobeOrg Value: 1
.salvationarmyflorida.org/	1970-01-20 06:21:35	Name: _uetsid Value: b1f9b3c03f8811edb4487336609a29d6
.salvationarmyflorida.org/	1970-01-20 15:41:45	Name: _uetvid Value: b1f9cb503f8811edaa585963275ee890
.salvationarmyflorida.org/	1970-01-20 15:49:55	Name: _scid Value: 25f91081-f6c9-4a2d-81fb-1d782aa1eff8
.give.salvationarmyflorida.org/	1970-01-20 15:05:45	Name: OptanonConsent Value: landingPath=https%3A%2F%2Fgive.salvationarmyflorida.org%2Fgive%2F180131%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition%26utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition&datestamp=Wed+Sep+28+2022+23%3A53%3A05+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=true
.snapchat.com/	1970-01-20 15:41:45	Name: sc_at Value: v2\|H4sIAAAAAAAAAA3GwRGAMAgEwIqYuYsnJuUIkioo3uxrU18SERahMPl1tov2joVRWXzAbrpLWJx34wd33lNQMgAAAA==
.everesttech.net/	1970-01-20 15:05:45	Name: everest_g_v2 Value: g_surferid~YzTeYQAAAEMWnwN-
.salvationarmyflorida.org/	1970-01-20 15:41:45	Name: _tt_enable_cookie Value: 1
.salvationarmyflorida.org/	1970-01-20 15:41:45	Name: _ttp Value: 9e0df2ff-4949-4686-ac83-6de4264f374f
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 2d721be11fc30214
.salvationarmyflorida.org/	1970-01-20 15:56:09	Name: adcloud Value: {%22_les_v%22:%22y%2Csalvationarmyflorida.org%2C1664410985%22}
.t.co/	1970-01-20 15:56:09	Name: muc_ads Value: 258f70ab-9e05-42e5-84ba-32474b0d7ef5
.dpm.demdex.net/	1970-01-20 10:39:21	Name: dpm Value: 60468439344711799202234423944978563302
give.salvationarmyflorida.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: qEYjAX64-MVeNB0JPa5wHu1eZJru6Ynu_NnA
.salvationarmyflorida.org/	1970-01-20 06:20:10	Name: _hp2_ses_props.1566116007 Value: %7B%22ts%22%3A1664409185110%2C%22d%22%3A%22give.salvationarmyflorida.org%22%2C%22h%22%3A%22%2Fgive%2F180131%2F%22%2C%22g%22%3A%22%23!%2Fdonation%2Fcheckout%3Fc_src%3D23ddjmadmfftdpr005%26c_src2%3Dtsm_23_dm_acquisition%26utm_source%3Dtsm-705%26utm_medium%3D23ddjmadmfftdpr005%26utm_campaign%3Ddm_acquisition%22%7D
.twitter.com/	1970-01-20 15:56:09	Name: personalization_id Value: "v1_BVD8RQak6cHvlkrOPx01sg=="
.salvationarmyflorida.org/	1970-01-20 08:29:45	Name: _fbp Value: fb.1.1664409185715.377112325
www.clarity.ms/	1970-01-20 15:05:45	Name: CLID Value: dfc659e0348f4e9bb69e51b84244554f.20220928.20230928
.google.com/	1970-01-20 10:43:40	Name: NID Value: 511=Mq1dL2nxnRcb2sRzfCt3eR8C9kC6BX9XB7qf7A5x3_3S-9Ten40C0TLVVrbnSFozx77HX8Mfh2MNt8L8XE8iqNavnbLGwQcILGuiRJB0g5TGx4NN3R5HlocEGr1HelBZIg7iKHNf78a-9RO2ZtIpCNNeTJI3-BozhzpIYsOpGgI
.serving-sys.com/	1970-01-20 08:29:45	Name: u2 Value: a951f0fb-4111-4f5f-bcfd-0208a624fa434I.06g
.salvationarmyflorida.org/	1970-01-20 15:05:45	Name: _clck Value: 1niap1o\|1\|f59\|0
.turn.com/	1970-01-20 10:39:21	Name: uid Value: 2884301915493456739
.quantserve.com/	1970-01-20 15:50:23	Name: mc Value: 6334de62-00c28-2f912-b90f9
.salvationarmyflorida.org/	1970-01-20 15:56:09	Name: AMCV_20A0289659302A7E0A495D28%40AdobeOrg Value: 1585540135%7CMCIDTS%7C19264%7CMCMID%7C59904600191551561332290805667597808339%7CMCAAMLH-1665013985%7C6%7CMCAAMB-1665013985%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1664416386s%7CNONE%7CMCSYNCSOP%7C411-19271%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.c.bing.com/	1970-01-20 15:41:45	Name: SRM_B Value: 10FF6B6F259161FB0FB67942241A60D4
.paypal.com/	1970-01-20 15:56:09	Name: ts_c Value: vr%3D8684aed31830a623b9546340ffffffff%26vt%3D8684aed31830a623b9546340fffffffe
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:41:45	Name: MUID Value: 10FF6B6F259161FB0FB67942241A60D4
.c.clarity.ms/	1970-01-20 06:20:09	Name: ANONCHK Value: 0
give.salvationarmyflorida.org/	1970-01-20 06:20:10	Name: XSRF-TOKEN Value: eyJpdiI6IldDV0ZsUEFBWmJDWHA3eE5lNnBtYmc9PSIsInZhbHVlIjoidlRjT3Y5OWpxYkZ5QlhFaE5GZElyYloxM0hNVFYxQlQ1ZE5GZkJockRKY005RVU5aVo3YzdocEJtTXgzd1RXZndaWlhZendaeFwvSGlrXC8zM2t0VDdhNXY4TnVPYU1tNlV0TXY2cWJ0eFNpNTJOd1JBaXBJK3RnWjNESmtGMWxWZiIsIm1hYyI6IjdhM2YxMmViNjNiOWE0NTU3ZTcyMDc3ZTVhYmE1ZjRkNmI5OGFlYzgzZGFhZGNmODI1ZDQ0NzljOTFkMjVhMjUifQ%3D%3D
give.salvationarmyflorida.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6IkkzYVwvTVwvS295cFlyYlQzOHFZMUpJUT09IiwidmFsdWUiOiJVQ2NFOWtZODd4ajh6TlBCZWhpaldOR1krNWdacnhWdG5na1BsT2dJNXRDRDcrZlNKQm1QSUVEMWw3VmZHVXlWVVwvcE9QckRXMlZscFVYN2ZqT2l1S3N6RHlDWVdaVkg1bk02cXVXckZEMGE3TkkwWU5PZThtM2VTV1NsTVhQV3IiLCJtYWMiOiJjMzE0ODBmOWU4MTlkYTQ0Y2YyMDkxY2U0YmEwMGZiZjBhMmFhOGU1ZTFhOWI5ZjMzM2E3YmE0ZmE3NWFjYTM1In0%3D
.serving-sys.com/	1970-01-20 08:29:45	Name: ActivityInfo2 Value: 0022ndCb50_002jaXCb50_
.yahoo.com/	1970-01-20 15:06:06	Name: A3 Value: d=AQABBGLeNGMCECnNwm2m8NnNkstpD5_3Q6A&S=AQAAAhmTJBzwH6ImhwhFcCtNrlI
m.stripe.com/	1970-01-20 15:56:09	Name: m Value: d5efb030-489e-4846-9831-70be24226c8c629470
.give.salvationarmyflorida.org/	1970-01-20 15:05:45	Name: __stripe_mid Value: 1b597d54-b891-465b-bd0a-688d8de3548e2022fe
.give.salvationarmyflorida.org/	1970-01-20 06:20:10	Name: __stripe_sid Value: 6b2bfe88-6687-4063-b04f-7f9a78322676b4c895
.salvationarmyflorida.org/	1969-12-31 23:59:59	Name: s_ppvl Value: %5B%5BB%5D%5D
.salvationarmyflorida.org/	1969-12-31 23:59:59	Name: s_ppv Value: DONATE%253AUSS%257C180131%257CCampaign%2520Donate%2C55%2C55%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.salvationarmyflorida.org/	1970-01-20 06:20:10	Name: s_ppn Value: DONATE%3AUSS%7C180131%7CCampaign%20Donate
.salvationarmyflorida.org/	1970-01-20 06:20:10	Name: gpv_v9 Value: DONATE%3AUSS%7C180131%7CCampaign%20Donate
.salvationarmyflorida.org/	1969-12-31 23:59:59	Name: s_ptc Value: %5B%5BB%5D%5D
.salvationarmyflorida.org/	1969-12-31 23:59:59	Name: s_cc Value: true
.salvationarmyflorida.org/	1970-01-20 06:21:35	Name: _clsk Value: 1xpd8dj\|1664409186488\|1\|1\|n.clarity.ms/collect
.ispot.tv/	1970-01-20 15:56:09	Name: pt Value: v2:8f954c1bba1c08562309e923a118a132189634171302da00d72787e2a51aba19\|c323dcb07c5e6d76beea5c594ed7abaf0df07f1a5fe827d222494775967bf72a
.paypal.com/	1970-01-20 15:05:45	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 06:20:40	Name: LANG Value: de_DE%3BDE
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY2NDQwOTE4NjUxOSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 06:24:28	Name: tsrce Value: targetingnodeweb
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AKxUbij53Q-ULngNs0jjlTJ5QqGVUruNg.YAI4lhm2HvRAvx2iftw%2BUw1id%2FINkBUbc19DJ%2F%2BPR9I
.paypal.com/	1970-01-20 06:20:10	Name: l7_az Value: dcg14.slc
.paypal.com/	1970-01-20 15:56:09	Name: ts Value: vreXpYrS%3D1759103586%26vteXpYrS%3D1664410986%26vr%3D8684aed31830a623b9546340ffffffff%26vt%3D8684aed31830a623b9546340fffffffe%26vtyp%3D
.salvationarmyflorida.org/	1970-01-20 15:05:45	Name: TEAL Value: v:51838684b14202546972475300225327361c96b9af0$t:1664410986629$s:1664409186628%3Bexp-sess$sn:1$en:1
.paypalobjects.com/	1970-01-20 06:21:35	Name: paypal-offers--cust Value: null:null:null
.wdsvc.net/	1970-01-20 06:20:09	Name: _wdTest Value: accept
.wdsvc.net/	1970-01-20 15:56:09	Name: wds_random Value: 2022-09-28T23:53:06.631Z~2022-09-28T23:53:06.631Z\|1931471772101161\|15\|
.salvationarmyflorida.org/	1970-01-20 10:39:21	Name: AAMC_thesalvationarmy_0 Value: REGION%7C6
.give.salvationarmyflorida.org/	1970-01-20 07:03:21	Name: aam_uuid Value: 60468439344711799202234423944978563302
.tealiumiq.com/	1970-01-20 15:05:45	Name: TAPID Value: salvationarmy/sal-donate>51838684b14202546972475300225327361c96b9af0\|
.casalemedia.com/	1970-01-20 15:05:45	Name: CMID Value: YzTeYlWC3AUqt6V1WbSzAgAA
.casalemedia.com/	1970-01-20 08:29:45	Name: CMPS Value: 1136
.casalemedia.com/	1970-01-20 08:29:45	Name: CMPRO Value: 1136
.doubleclick.net/	1970-01-20 15:41:45	Name: IDE Value: AHWqTUmi6xFEZQzXxy73P3ugL3g2AVQNE3XUqgmtIII6CggxFRJx9P6Tam0aEPni
.adnxs.com/	1970-01-20 08:29:45	Name: uuid2 Value: 8931188880756835445
give.salvationarmyflorida.org/	1970-01-20 15:44:37	Name: qcSxc Value: 1664409186988
.quantserve.com/	1970-01-20 08:29:45	Name: d Value: ECgBDAGaJ7mvYAIY56iMA_mPnQ0YwpSN
.salvationarmyflorida.org/	1970-01-20 15:44:37	Name: __qca Value: P0-371118956-1664409186983
.demdex.net/	1970-01-20 10:39:21	Name: dextp Value: 470-1-1664409185821\|1175-1-1664409185940\|3462-1-1664409186097\|30646-1-1664409186203\|49276-1-1664409186341\|144230-1-1664409186441\|144231-1-1664409186542\|144232-1-1664409186661\|144233-1-1664409186762\|144234-1-1664409186863\|144235-1-1664409186963\|144236-1-1664409187064\|144237-1-1664409187165
.spotxchange.com/	1970-01-20 07:00:28	Name: audience Value: b328b3e2-3f88-11ed-ad45-14e583300206
.rezync.com/	1970-01-20 10:39:21	Name: zync-uuid Value: 89842490-7275-41ed-bd68-96d4d4588b1e:1664409188.058233
.salvationarmyflorida.org/	1970-01-20 15:05:45	Name: btIdentify Value: 7383f9ca-cdf5-405e-f906-4c1d2f76a64b
.salvationarmyflorida.org/	1970-01-20 06:20:12	Name: _bts Value: 296b4541-4216-4f31-de74-1c4fd5515eb0
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxtDQ2MjM0MbYwNBLiM9RNLUzK8PM30nU0SgkBAFsS2vMlAAAA
.rfihub.com/	1970-01-20 15:41:45	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxtDQ2MjM0MbYwNBLiM9RNLUzK8PM30nU0SgkBAFsS2vMlAAAA
.adnxs.com/	1970-01-20 08:29:45	Name: anj Value: dTM7k!M4/0D>6NRF']wIg2E?apLeBu!]tam8i_jAez_UZ18%4r[k^eS8^#A:A8[Q`Ic-na:xhq:E@YI-?[P_>T6!@:5+M6K3k>lG_sx_w4Klmu3NoHj!e=XK(Ed5b>w-/6PRAGJ
.casalemedia.com/	1970-01-20 08:29:45	Name: CMTS Value: 5153
.media.net/	1970-01-20 15:05:45	Name: visitor-id Value: 3074107887631198000V10
.media.net/	1970-01-20 15:04:18	Name: data-rk Value: 5134455419326143812~~3
live.rezync.com/	1970-01-20 10:39:21	Name: sd-session-id Value: .eJwNykEOgjAQBdC7zJqaTvunTHsZInYWjYKG4kbC3WX5knfQ9LFtua-27lT27WsDPV7tUqdyUG-_xZ5USDgCIuAcQ2JE5UDnQN16b-91avU6mhUB2bsxjOLAVt1ck7qcKipEdWYrnBLgM6vevGiIkc4_Z6skvQ.YzTeZA.Lysv_VeFAP8zFPMTXLCSumo4Yyg
.salvationarmyflorida.org/	1970-01-20 15:05:45	Name: _bti Value: %7B%22app_id%22%3A%22salvation-army%22%2C%22bsin%22%3A%22xdOrf%2FlkUL1wVLcAWh5eY9HDC1b2syKD6rdEUM3oNItgw8RoXr3OCt%2B9SkHItvOjBFU5pyLerbZzxSSaZuksug%3D%3D%22%2C%22is_identified%22%3Afalse%7D
.salvationarmyflorida.org/	1970-01-20 15:56:09	Name: wds_random Value: 2022-09-28T23:53:06.631Z~2022-09-28T23:53:06.631Z\|1931471772101161\|15\|
.salvationarmyflorida.org/	1970-01-20 15:56:09	Name: __WDS1 Value: %7B%22da_100423%22%3A%7B%22hu%22%3A%222022-09-28T23%3A53%3A08.931Z%22%7D%7D
.krxd.net/	1970-01-20 10:39:21	Name: _kuid_ Value: PG17Xpnk
.eyeota.net/	1970-01-20 06:20:09	Name: SERVERID Value: 17518~DM
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129fdP8gxNTSlOMfZMMUmJNHIL8cgoiAQAEA8tyB4AAAA
.rfihub.com/	1970-01-20 15:41:45	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129fdP8gxNTSlOMfZMMUmJNHIL8cgoiAziNTQzMzExsDS0sDQwNJnFiOBbmJparkLjn0Ljv0Lj_0LjT2JC5c9C4y9C469C429C4-9CV8-Cyr-Fxt_EiqafG829aPxFwqj8R2h8AFp6Q11NAQAA
.bidswitch.net/	1970-01-20 15:05:45	Name: tuuid Value: ce15f7bc-3821-4007-b8a3-d52e10d92bb6
.bidswitch.net/	1970-01-20 15:05:45	Name: c Value: 1664409189
.bidswitch.net/	1970-01-20 15:05:45	Name: tuuid_lu Value: 1664409189

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://bttrack.com/Pixel/Retarget/1023 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5134455419326143812 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=89842490-7275-41ed-bd68-96d4d4588b1e%3A1664409188.058233 Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://give.salvationarmyflorida.org/give/180131/#!/donation/checkout?utm_source=tsm-705&utm_medium=23ddjmadmfftdpr005&utm_campaign=dm_acquisition&c_src=23ddjmadmfftdpr005&c_src2=tsm_23_dm_acquisition Message: Access to font at 'https://479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com/ProximaNova-Bold-webfont.woff' from origin 'https://give.salvationarmyflorida.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com/ProximaNova-Bold-webfont.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://give.salvationarmyflorida.org/give/180131/#!/donation/checkout?utm_source=tsm-705&utm_medium=23ddjmadmfftdpr005&utm_campaign=dm_acquisition&c_src=23ddjmadmfftdpr005&c_src2=tsm_23_dm_acquisition Message: Access to font at 'https://479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com/ProximaNova-Bold-webfont.ttf' from origin 'https://give.salvationarmyflorida.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com/ProximaNova-Bold-webfont.ttf Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20841493p.rfihub.com
479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com
a.rfihub.com
aa.agkn.com
analytics.tiktok.com
analytics.twitter.com
api.braintreegateway.com
assets.classy.org
b.videoamp.com
bam.nr-data.net
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
bttrack.com
c.bing.com
c.clarity.ms
c1.rfihub.net
cdn.boomtrain.com
cdn.bttrack.com
cdn.heapanalytics.com
cdn.plaid.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
code.jquery.com
collect.tealiumiq.com
connect.facebook.net
contextual.media.net
d.turn.com
doublethedonation.com
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
give.salarmy-miami.org
give.salvationarmyflorida.org
googleads.g.doubleclick.net
heapanalytics.com
htp.tokenex.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
insight.adsrvr.org
js-agent.newrelic.com
js.braintreegateway.com
js.stripe.com
lasteventf-tm.everesttech.net
live.rezync.com
m.stripe.com
m.stripe.network
n.clarity.ms
notify.bugsnag.com
p.rfihub.com
partners.tremorhub.com
pay.classy.org
pay.google.com
people.api.boomtrain.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
play.google.com
prod-frs.content.classy.org
ps.eyeota.net
pt.ispot.tv
pxl.qccerttest.com
q.stripe.com
r.stripe.com
rules.quantcount.com
sc-static.net
secure-ds.serving-sys.com
secure.quantserve.com
sessions.bugsnag.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
syndication.twitter.com
t.co
t.paypal.com
tags.tiqcdn.com
tags.wdsvc.net
thesalvationarmy.demdex.net
thesalvationarmy.sc.omtrdc.net
tr.snapchat.com
unpkg.com
us-u.openx.net
www.clarity.ms
www.everestjs.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.youtube.com
x.bidswitch.net
x.dlx.addthis.com
479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com
104.18.19.126
104.244.42.195
104.244.42.5
104.244.42.8
104.75.88.194
108.138.17.118
108.138.7.42
13.32.121.41
13.32.121.61
13.36.218.177
142.250.185.194
142.250.186.162
151.101.1.21
151.101.128.176
151.101.130.133
151.101.130.49
151.101.194.132
151.101.2.137
162.247.241.14
185.64.190.80
185.94.180.126
192.132.33.46
192.229.221.25
193.0.160.129
193.108.153.28
199.232.136.157
2.18.235.93
20.234.93.27
2001:4de0:ac18::1:a:1a
2001:678:cb4:bbbb::13
212.82.100.182
23.23.175.40
23.36.163.228
23.96.109.67
2600:1901:0:7a0b::
2600:1901:0:a5e4::
2600:1f18:612b:4216:319:ee2:5022:1df1
2600:9000:223c:1c00:1:76cf:fe80:93a1
2600:9000:223c:6c00:6:44e3:f8c0:93a1
2600:9000:223d:6000:11:615:7240:93a1
2600:9000:223e:6a00:19:7d10:bd80:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:4400::ac40:929e
2606:4700:440e::6812:2fe6
2606:4700::6810:7baf
2606:4700::6812:7115
2606:4700::6812:843c
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:806::2004
2a00:1450:4001:806::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c06::5c
2a00:1450:400c:c08::9c
2a00:1450:400e:80f::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.121.27.153
3.33.220.150
3.64.233.235
3.94.157.102
34.193.169.174
34.248.32.199
34.98.64.218
35.190.43.134
35.211.178.172
35.244.174.68
37.252.171.149
52.143.247.24
52.184.204.244
52.222.225.250
52.222.236.28
52.29.114.196
52.29.159.59
52.30.247.235
52.41.97.242
54.164.251.248
54.171.98.27
54.187.119.242
54.77.143.129
54.77.178.38
54.81.23.211
69.16.175.10
69.173.144.138
69.192.160.219
76.223.34.124
96.16.147.243
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
024a435dcde1fb6677eb40f9dad2563e398d1b4725d423e9970e354c5de599ef
0369a4dc49c5d2d0633a1b966e8b1071b05279fddda61e151661b3307656a9f7
07e25798a39735234081ef58366d993aea5968f41073491cc234566c8cf021eb
08fe8d0acad648eb24d411f760eebad8e0cfc0f07895da4b3de3953418f0d444
0930f6ebcad20c12b15d709841cb3f014853624e90c446c931fb8f213a9a7c93
09a3a9427f1d1cc4b9287122bdc9b2f61daefa802c1892c529dfdce578e0245e
0a85736ae01bf35217a144d9ed1eb90d5156892daa52975c7f92da0c72a9f3e9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0c216f2a622555cb074045c0c33fdc6a8a3627c9a35d695f746572f6d18d73a1
0ee385417aac5bba7a8a493f58f1a8871b601f63e55548d343d4f7981482d5ea
11950f1b39836cbd5aae1f74a8d22594b1a5fc244f7601e8086cccdde1d71689
1296aa53b13681bec66a4ac4e4112e282db828f847e6945276e1819fdab551de
14aafae607f356d196722cc177fb050f4eb8d4b0471e002dc696460f2c99c1db
18b5a4e9344ec42545b86ac639ca57c054944d17a3aab1cd5af9199698ddd032
1dcc4c1655574fcdca285969902fe4162901569b4eb11a27c466c177dd4e04f6
22ab820eb0cd7499aae59462b183954b42e131fe1a6c34f7ba966a525d1ac3bc
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
2a420d3aaef8542c2952614ab83b697fcb3d1c57c7728b3565876611b5f06ef7
2e430b6b69f8f513325bc9615e3b6da1814c5ec33b3fa105a64c72d7be23c3c3
2f57fab97c15bf3519176fcd494f12d36d24ca3d761a787a1e66a1058bc6b30f
2f7fd72d7b53a6c582d8d7d139e813eeeacba5f8dadd49c7c677c5b8dc9d1ede
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
3a91043cc610fb056ad6172b64c2c3fd0002f819a85ef6f11ac61d1694da99c4
3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11
3cf0b7b75c97b9ffd7106c1273143a0d0939527246f28aac12d97160eb55c281
3de8cfadcd96ac84bdf4981517cec0a39b7aa793fb5dab6c4b035aa2f867c619
3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b
40761077acc4185a26551c3041b3381cde4aa9c5e86efc9d4afb92cb7d0c0e5a
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
41d7f6f644e2970840b092341422d9299c916a6cc1f6ea6b6709ab06629c0674
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46d008a3c28d1a168a199b3c2843b22398d629515a5bd302b8bada42edd1dcda
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47a91c17a8c9a557a43954a338ef035d85b7b7987a1db27aca930b1fbaa88674
47ca0bc12b3b10bfd372c2dda453058e5b53578a7dd1891c780dc10e95219540
4846ed9fbf90b602b458049696c0d90b94b72f6654df98fd23f3eb1e3bc8ea24
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9c37b8ccb84e7dd5383101a8d15530b184444e84fa287dcda321e0f874442f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5031da68633062c6e6d886913d5ed215d411be1547de572ae691644566928e5f
50d9b036bbed2d99a2277ca6a7afb4a3fd052126f7d1174949a43a2582d9853d
517d34e0756e5652dcb865ea9d724fcc277aee52202c711a27c4a5832afe9a96
51e81f808cc75245f5973c3e873296566dcaabcc89c0a995b059f3fe5c0c048a
5212a690144cfd6015a4aadd083fc9c92fc30c68d0a0ecb971f6689b189bb815
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
553ab8953c01e9e4fe0becc8f65e2773beb7f562ac053f0745236a0954b9d285
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a7e4fd1cfb635e66f5b1328abe4e1e09ec92139193d0817ccb9266833aa31bc
61b9926e5d52c52c383c00d7e52f2c491b15e7cfd715373b53571632a7459517
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
636eb1e207d7c0ca123d2fd6818af868e12084214b0cc3c73230e576ca513431
638ff6daea170c8a6afd2c562d83b9c33f6d5824006f8d614afd0c23b40d4516
644b1dc128aeb5f8fc32da99fc12116c891511b0f04acb8c147875282e876992
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
64d9811626c38bc96c05f842d65a1a598d62ce137b8182d61a2d8ee3c3d21adb
6533db921fa04e1546686ca9111f2cc38032b09365026cf886e3b4d8f58020d6
655fc56e3d81e573cdddfd666426b797ac6031526d792ab9f4622894f7fa9031
68849ac2087b3952eab5662576f0e496cb111e17c2918b169d0b0e9ac16652d7
690f0ad178150fd53d03e595eea01a5bedf7327879b6d0f7b35d1fd8a0081b75
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6afffc9c663281b8ceadfb865ed184da506ec44f281f639e188bdcacfe012a29
6b27bad7b5a085978def92a66d3a36d7bf276bff065cb7ec55e22232cacd66b9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
70949dfacaeb3a260ae6b9c34f825e930053e26318837438b67b86e38cb781b3
719d73fa9c92b39ad666ca01a4840d0729480361a4a8fe0f11390804714ce228
736a1bad31fbc2b98f6c4da6011272321d3e71b8b30150dd148a73f259281703
7622f62bc305117db4012f7b73d478a8289b37cffeb0291b9638eac21d9e5d35
76b8336033141446c4913c27cec319a0a15ceadbde90cb86097481b36bead461
787ba1fcfe12a6c706bd6add0f869e9b6c72003a53dc6d603362cc13cc5d4579
79db4d79a6e53e3aa9b5703a1156cc9accef42d4d3d31b5019d2eabf216fa751
7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c186b181c2b304128e01a79f168877266264a92db74fc6ef703e1e514e0f492
7c5a6330f49c3939198adebfb5d4044f3cbce610461c9fab2266965b6838b15f
7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493
7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
8040ffcde69d17a00a842c01c1c872ab513ebb920c6a74033f852180226178d5
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837113b700bf837d671eaf360a8ac70a77d336def15172a8ad6217c7c0bc2cde
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86c147d47f52660f079023d32b97c8e4f043549ed300b6d2a5f9f9705d4f812f
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
877bd1ebcdf00b492403d2cddaa66e9fa53b0391fab5f36d72f8a482a59ac69d
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8c3392e876d4b5c778e0d0ae787502252e3353b59149063e1f6a1a85216cb9e5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
9228cacf02a63154bc12fc359842dc781d9af40a47a73553226ccb8a47747d68
923b98f388a1ed517388a42b1e51c727eb88f8aabd41146f10bbfdd150925d63
92c592a62ae6dd6a943220b773a9ac314de7ef4748d742a4ddd1fb2264c431a9
930bb849a34c23019835428b195cd0b34075a59feb0398ddf30f9ddd12e8a265
9385524dae00056fd7eab065c6c8685e1e6ffc69a9741435ddd6f41f404f98c4
94459196b3ffcd6f2c5793ed9f26a86e0fec2ac1058805046dccf9566e354e33
946e7531f5392e797b7e514a9dc22a66d77d073efbe88ad5731bc1583e698def
95fd59d301ce000ce5dcc1de36e8b8078c9ddece1223ddc35076e8163ed3a8c6
97689e6fecb2083b96992c7b895666eb5dc55b74c671f8b2f32158d46458659f
9782bcb67136c1b667cf6e26334c5d1ce6cdf0adc943f5a36aef6f9cb5affd14
987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9adadf7cd410549b72f35ed708ee97fb6d214e87f3d18da2472d811aa0e5cc10
9b48e30990ffeb08fe0906ffc30bc878dfd5f68fcec4c323d7e74e6ccca6a946
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9cbfd7db1a17809ae93d50b02f07ceee72087fdc371e2bc33f3bdbd4c1356f4b
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9e6ee5d369e4fea8821fd34d180c466fbf6bb9ca6a91f1488edc024bd6a2c4bd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0921dcacbadd3da3a6827da2daf7778177e20fe25af058889961bb6aafefc7f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2a360b3b601dc2320b746b3edd56cf39dc7befe2d1c01bce5e422c01068b52f
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a434a767f0e06dfc3e663711627af363adeeb4ed4d3e9a2ccfe6b0f322cec83a
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aaf7f83561a0ed4cf0937ef9b54c056da5882edd661103d08207dcc76594b1b8
abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176
ae4cf8bf18ec6adf0aa481a46ceb0522b40b2e065be1a8e09a7626f7771f726a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aeebf997ef2056cb73f0826fdcdb3bbdde2a20c9e0582550a98706c81051d429
b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
ba792065cba09cd66b50599ded9d2fdf35b2e64aa0453a7796a81b91bf2e27b8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc8b30a2490929ed1dee1bba75c6bc41fba6efe74732d1c214b23180b42a5c51
bcdc7148d1f31a3d06cff6b52d1064cb1a0dca292ccd80e3d8c52b1bf5330440
c34e0ccac39f295282fae930dbfb43da8880bd6c08ad34142458d36f13e98627
c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4
c40b742820bfa7a498ef2d9283159a8ad169e1277a8e62e8a17c3267cf971842
c6485cc465737580ebcfc7ae4afaa2aa90ff79f4b0b241962599ce24c2027868
c687f002a0d87094d86edf4516599487ddc3d9b4b3f61de0fb8dff17d52dd724
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce9162574dc014dc146dd71da036b0e5409afd9201e80de59081a6b53746841d
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d721d0376489c64797496a4abcfbc8374d1a18393975de6891389933212a879c
d79131e9ac578c067846f3a8b9c4b24408d9556fe4dccbac6684806095846c68
d7ca90f5224456c5b0b3377d1dd87a5a96ee9f07b6b9ca0b86e4e757b3a0f50b
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db2cc14adb7e3abc4da916f97a6c7124de71a6bb166d01f71926b64f7886c690
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5a8709a1c978bbdee2606a42b713586496c904986d0cbbfbfdd6e82cb35abf9
e92bdaec9274f58546aea96f3cb3307421079b45b906ce03059262c76dedbff8
ebacb8069ea13a513ec42f29ad43140bb58a53c7206f0d65dbdbfbff75d6befd
ebc83275896774bb120f5d219e261de37dc5a8c39aa149b35adf350e16d6542e
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00818a839723cb67fae65722d66e151e0c9870163f67f4fd6b37513b45afc42
f29284391b13047f31dca4a8517dbad440d7c6172031241515f30b4527c4a3cb
f2f75da67c6cfb06a8b52ab9fe4dfd71fac89c38318dd15a43832367f4758273
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f4e9d82611b8979f9bc5ca9088f68d5f50db9cb407538a3798a1a0b01a07681e
f612efd4f37758eacb84700835d693dbb1387d18a02f8dd11c9de54ed007c4a5
f7cde63eb9717e62947cafa990292ad5bcc4969e19ab847887f11ad9237511c0
fcf704e1d70fcb7c71ff20dc971bf44e5cf80095feabf3fd0d9fe138a17c7571
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

give.salvationarmyflorida.org Open in urlscan Pro 2606:4700::6812:7115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

375 Requests

94 %HTTPS

33 %IPv6

75 Domains

103 Subdomains

90 IPs

8 Countries

4969 kBTransfer

16895 kBSize

106 Cookies

7 Outgoing links

Page URL History

Redirected requests

375 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

give.salvationarmyflorida.org Open in urlscan Pro
2606:4700::6812:7115 Public Scan

Screenshot
Live screenshot

Full Image

375
Requests

94 %
HTTPS

33 %
IPv6

75
Domains

103
Subdomains

90
IPs

8
Countries

4969 kB
Transfer

16895 kB
Size

106
Cookies

375 HTTP transactions
0 data transactions