Submitted URL: https://donate.careflight.org/page.redir?target=http://careflight.org/our-current-appeal-covid-19/&srcid=6242&srctid=1&erid=10...
Effective URL: https://careflight.org/our-current-appeal-covid-19/
Submission: On June 18 via api from BE

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 64 HTTP transactions. The main IP is 103.242.49.245, located in Australia and belongs to SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU. The main domain is careflight.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 27th 2020. Valid for: 3 months.
This is the only time careflight.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 61.14.102.28 9738 (BRENNANIT...)
2 33 103.242.49.245 133044 (SOL1PTYLT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f01... 32934 (FACEBOOK)
11 216.235.207.153 3561 (CENTURYLI...)
7 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
64 10
Domain Requested by
33 careflight.org 2 redirects careflight.org
11 bbox.blackbaudhosting.com careflight.org
bbox.blackbaudhosting.com
7 www.facebook.com careflight.org
connect.facebook.net
5 www.google.com careflight.org
www.gstatic.com
bbox.blackbaudhosting.com
4 connect.facebook.net careflight.org
connect.facebook.net
2 www.google-analytics.com careflight.org
1 www.gstatic.com www.google.com
1 cdnjs.cloudflare.com careflight.org
1 ajax.googleapis.com careflight.org
1 fonts.googleapis.com careflight.org
1 donate.careflight.org 1 redirects
64 11

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.facebook.com
www.linkedin.com
twitter.com
www.instagram.com
www.youtube.com
Subject Issuer Validity Valid
careflight.org
Let's Encrypt Authority X3
2020-05-27 -
2020-08-25
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2
2020-01-07 -
2020-10-09
9 months crt.sh
www.google.com
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-05-14 -
2020-08-05
3 months crt.sh
*.blackbaudhosting.com
GeoTrust TLS RSA CA G1
2019-10-11 -
2021-12-09
2 years crt.sh
*.gstatic.com
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh

This page contains 7 frames:

Primary Page: https://careflight.org/our-current-appeal-covid-19/
Frame ID: 53505A0223124208B146A471FD3EBB4D
Requests: 58 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/customerchat.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df314ab7c0d83ae%26domain%3Dcareflight.org%26origin%3Dhttps%253A%252F%252Fcareflight.org%252Ff573429068e5b4%26relation%3Dparent.parent&container_width=0&locale=en_US&page_id=111125825564374&request_time=1592481694649&sdk=joey
Frame ID: 40A4F98E6E20DBEF8F8993D7ED9F4D3A
Requests: 1 HTTP requests in this frame

Frame: https://bbox.blackbaudhosting.com/webforms/custom/mongo/scripts/MongoServer.html?xdm_e=https%3A%2F%2Fcareflight.org&xdm_c=default7618&xdm_p=1
Frame ID: 5E54C63F8C893F856653E7BA24DC0BB3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr_NEUAAAAAEZLBUC0dVdgimbjsUnR0RDStFhT&co=aHR0cHM6Ly9jYXJlZmxpZ2h0Lm9yZzo0NDM.&hl=en&v=oqtdXEs9TE9ZUAIhXNz5JBt_&size=invisible&cb=6ekivwwkl02
Frame ID: 32E7552749375918D3E2555B05118EA3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/customer_chat/bubble
Frame ID: C2B38283A03CF103684FD7DD73D77C54
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdkFJMUAAAAAB1v49N1aaMoEPH85Qvfib4VqlNH&co=aHR0cHM6Ly9jYXJlZmxpZ2h0Lm9yZzo0NDM.&hl=en&v=oqtdXEs9TE9ZUAIhXNz5JBt_&size=invisible&cb=wz850ucmctj0
Frame ID: 0DFF97AE1CFEA445F3E3D9D7B104D4B1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=oqtdXEs9TE9ZUAIhXNz5JBt_&k=6LdkFJMUAAAAAB1v49N1aaMoEPH85Qvfib4VqlNH&cb=dysoeysuod54
Frame ID: 23E1ECBA99432ACF9C7650862A23DCF2
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://donate.careflight.org/page.redir?target=http://careflight.org/our-current-appeal-covid-19/&srcid=6... HTTP 302
    http://careflight.org/our-current-appeal-covid-19/ HTTP 301
    https://careflight.org/our-current-appeal-covid-19/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

64
Requests

100 %
HTTPS

73 %
IPv6

9
Domains

11
Subdomains

10
IPs

4
Countries

1266 kB
Transfer

3342 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://donate.careflight.org/page.redir?target=http://careflight.org/our-current-appeal-covid-19/&srcid=6242&srctid=1&erid=1053290&trid=24c393c3-f27f-4a74-b150-21ddabe140b1 HTTP 302
    http://careflight.org/our-current-appeal-covid-19/ HTTP 301
    https://careflight.org/our-current-appeal-covid-19/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://careflight.org/media/Most-reputable-charity-2019-WHITE HTTP 301
  • https://careflight.org/media/Most-reputable-charity-2019-WHITE.png

64 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
careflight.org/our-current-appeal-covid-19/
Redirect Chain
  • https://donate.careflight.org/page.redir?target=http://careflight.org/our-current-appeal-covid-19/&srcid=6242&srctid=1&erid=1053290&trid=24c393c3-f27f-4a74-b150-21ddabe140b1
  • http://careflight.org/our-current-appeal-covid-19/
  • https://careflight.org/our-current-appeal-covid-19/
37 KB
9 KB
Document
General
Full URL
https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8b1da6619d6731f4c0a60d03896c941f261c0f0bf8588391643450ad0613d4d4

Request headers

Host
careflight.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:30 GMT
Server
Apache/2.4.18 (Ubuntu)
Cache-Control
private, proxy-revalidate, s-maxage=0, max-age=604800
Link
<https://careflight.org/?p=7174>; rel=shortlink
Vary
Accept-Encoding
Content-Encoding
gzip
Expires
Thu, 25 Jun 2020 12:01:30 GMT
Content-Length
9276
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Thu, 18 Jun 2020 12:01:29 GMT
Server
Apache/2.4.18 (Ubuntu)
Location
https://careflight.org/our-current-appeal-covid-19/
Content-Length
259
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
iframe_resizer.js
careflight.org/wp-content/themes/careflight2016/js/
13 KB
5 KB
Script
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/js/iframe_resizer.js
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
c45687c5602a758f0b7a774a3f6e378439933081cc6f4018090dd979fa2212fa

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Apr 2018 02:29:08 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3343-5699d852c430e-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
5175
Expires
Sat, 18 Jul 2020 12:01:32 GMT
style.min.css
careflight.org/wp-includes/css/dist/components/
81 KB
13 KB
Stylesheet
General
Full URL
https://careflight.org/wp-includes/css/dist/components/style.min.css
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4c004b5da51137c8cb98bbcb2c7ac5bb2c84bd0362065807b4f76160b85c5271

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Oct 2019 06:29:28 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"144c3-59474682dbed9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
13260
Expires
Sat, 18 Jul 2020 12:01:31 GMT
css
fonts.googleapis.com/
10 KB
954 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif%3A400%2C400i%2C700%2C700i
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e78c502164e5f4af303f1596e393be57199dbf52a7d0baaeb569cc1f4dd99bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Jun 2020 10:49:03 GMT
server
ESF
date
Thu, 18 Jun 2020 12:01:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Jun 2020 12:01:31 GMT
style.min.css
careflight.org/wp-includes/css/dist/block-editor/
72 KB
9 KB
Stylesheet
General
Full URL
https://careflight.org/wp-includes/css/dist/block-editor/style.min.css
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e4b1fe2afad897c08a815e32ae07eeaa7db58ecfe48d75622db313450ebb59e9

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Oct 2019 06:29:28 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"11f74-59474682e1c99-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
9011
Expires
Sat, 18 Jul 2020 12:01:31 GMT
style.min.css
careflight.org/wp-includes/css/dist/nux/
2 KB
1 KB
Stylesheet
General
Full URL
https://careflight.org/wp-includes/css/dist/nux/style.min.css
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
dec2ef0b6843c1b310d824f841cea765bdf85cb4700b942b010aa8aa1c201d88

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Oct 2019 06:29:28 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"8ab-59474682dbed9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
618
Expires
Sat, 18 Jul 2020 12:01:31 GMT
style.min.css
careflight.org/wp-includes/css/dist/editor/
16 KB
4 KB
Stylesheet
General
Full URL
https://careflight.org/wp-includes/css/dist/editor/style.min.css
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
786b58610788fd938ae249f403907d9896a0303702911df6e18c91dbb45e6c5b

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Oct 2019 06:29:28 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3efa-59474682dde19-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3637
Expires
Sat, 18 Jul 2020 12:01:31 GMT
blocks.style.build.css
careflight.org/wp-content/plugins/wallsio/block/dist/
0
351 B
Stylesheet
General
Full URL
https://careflight.org/wp-content/plugins/wallsio/block/dist/blocks.style.build.css
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:31 GMT
Last-Modified
Thu, 30 Apr 2020 03:28:19 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"0-5a479a7fac2ed"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
0
Expires
Sat, 18 Jul 2020 12:01:31 GMT
style.min.css
careflight.org/wp-content/themes/careflight2016/css/
218 KB
33 KB
Stylesheet
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
2bc24196b7a54ea5b375954cee8b26cd5d247a609b2c6e2e4394ec295aed5ba2

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Feb 2020 06:06:26 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"36907-59f6049b9b60e-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
33201
Expires
Sat, 18 Jul 2020 12:01:32 GMT
careflight-covid.css
careflight.org/wp-content/plugins/careflight-covid/
7 KB
2 KB
Stylesheet
General
Full URL
https://careflight.org/wp-content/plugins/careflight-covid/careflight-covid.css
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
f07fb6ddc3a2b18bc838ff26f6a3685175756126d6ba6c196e8986389a030d56

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 May 2020 04:14:37 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1ad6-5a48e6b655054-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1589
Expires
Sat, 18 Jul 2020 12:01:32 GMT
logo.svg
careflight.org/wp-content/themes/careflight2016/img/
5 KB
2 KB
Image
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/img/logo.svg
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
bfa5856d0fe8397f95aecb52b2a3a01fdb7122432fdba3c22615a394245ea728

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 02:05:59 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"130d-53e8d514f0fc0-gzip"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
1792
Expires
Sat, 18 Jul 2020 12:01:34 GMT
Medical-cross_14x14_.png
careflight.org/media/
253 B
608 B
Image
General
Full URL
https://careflight.org/media/Medical-cross_14x14_.png
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
468fa113e197755326dc3ef8855b867785af4a7280675a014c9137055cda0d66

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:34 GMT
Last-Modified
Tue, 03 Mar 2020 03:15:59 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"fd-59feab90bf4cb"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
253
Expires
Sat, 18 Jul 2020 12:01:34 GMT
Most-reputable-charity-2019-WHITE.png
careflight.org/media/
Redirect Chain
  • https://careflight.org/media/Most-reputable-charity-2019-WHITE
  • https://careflight.org/media/Most-reputable-charity-2019-WHITE.png
55 KB
55 KB
Image
General
Full URL
https://careflight.org/media/Most-reputable-charity-2019-WHITE.png
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
2717d276b35434202bf3ffcbaec028c33ff5831624a23f93cb4de882ddb44e6b

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:35 GMT
Last-Modified
Thu, 02 Apr 2020 01:51:00 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"da90-5a245085fc642"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
55952
Expires
Sat, 18 Jul 2020 12:01:35 GMT

Redirect headers

Date
Thu, 18 Jun 2020 12:01:34 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Redirect-By
Yoast SEO
Content-Type
text/html; charset=UTF-8
Location
https://careflight.org/media/Most-reputable-charity-2019-WHITE.png
Cache-Control
private, proxy-revalidate, s-maxage=0, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=93
Content-Length
0
Expires
Thu, 25 Jun 2020 12:01:34 GMT
ico_in.svg
careflight.org/wp-content/themes/careflight2016/img/
1 KB
936 B
Image
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/img/ico_in.svg
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8436d428ac9fc16c10356bb4acc7febe0446d4c60bc628d32a8cce32b4aa6724

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 02:05:35 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"442-53e8d4fe0d9c0-gzip"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
524
Expires
Sat, 18 Jul 2020 12:01:35 GMT
ico_tw.svg
careflight.org/wp-content/themes/careflight2016/img/
1 KB
1 KB
Image
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/img/ico_tw.svg
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8d27417e97dd6f91c27a5c5b7c8631eca5d7dfadfa666c5b938dd2d7527040de

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 02:05:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"4b9-53e8d5102c480-gzip"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
655
Expires
Sat, 18 Jul 2020 12:01:35 GMT
ico_is.svg
careflight.org/wp-content/themes/careflight2016/img/
1 KB
995 B
Image
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/img/ico_is.svg
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
7a16d7f2f59e0c2ce6d219e6663ef2fc53fc7dfdfabcc3f42d8d7d73c72c7fc1

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 02:05:37 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"500-53e8d4fff5e40-gzip"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
583
Expires
Sat, 18 Jul 2020 12:01:35 GMT
ico_yt.svg
careflight.org/wp-content/themes/careflight2016/img/
2 KB
1 KB
Image
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/img/ico_yt.svg
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
f029937a965dfc36c373189845e327ba1cfe14f0eb87b61bc1a8aeb46dd0315b

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 02:05:57 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"625-53e8d51308b40-gzip"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
856
Expires
Sat, 18 Jul 2020 12:01:35 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 08:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
616110
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29707
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Jun 2021 08:53:02 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/
58 KB
22 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddaae7809050477153c9e46d2f79ae00615a19c2fc887b2e6d83aaab8f2604bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 12:01:32 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
7531491
status
200
alt-svc
h3-27=":443"; ma=86400
cf-request-id
0368e75308000007427d068200000001
served-in-seconds
0.004
timing-allow-origin
*
last-modified
Mon, 23 Mar 2020 04:01:28 GMT
server
cloudflare
etag
W/"5e783498-e6bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5a54db31a8c60742-FRA
expires
Tue, 08 Jun 2021 12:01:32 GMT
careflight-covid.js
careflight.org/wp-content/plugins/careflight-covid/js/
2 KB
2 KB
Script
General
Full URL
https://careflight.org/wp-content/plugins/careflight-covid/js/careflight-covid.js
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
1b146e335e184e551f5793bed9a8a8a41b04a9c6218b332c75c1d17fcda17a51

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 May 2020 04:14:37 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"9fc-5a48e6b656f94-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
1233
Expires
Sat, 18 Jul 2020 12:01:34 GMT
scripts.js
careflight.org/wp-content/plugins/contact-form-7/includes/js/
14 KB
4 KB
Script
General
Full URL
https://careflight.org/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Mar 2020 04:22:15 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3868-5a0a0b297459c-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
3993
Expires
Sat, 18 Jul 2020 12:01:34 GMT
api.js
www.google.com/recaptcha/
708 B
539 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lcr_NEUAAAAAEZLBUC0dVdgimbjsUnR0RDStFhT
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
286acdb13f485e867c91a935546adb91fd560b48d9112b4fad7e03883c15d815
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 12:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
475
x-xss-protection
1; mode=block
expires
Thu, 18 Jun 2020 12:01:32 GMT
plugins.min.js
careflight.org/wp-content/themes/careflight2016/js/
188 KB
49 KB
Script
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/js/plugins.min.js
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
3a30d6c0e5d80748803ed43548af50afbafe0dea396c6aeae5302f69475d4f4e

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Dec 2016 19:50:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"2ee03-543cbe3854480-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
49593
Expires
Sat, 18 Jul 2020 12:01:34 GMT
main.min.js
careflight.org/wp-content/themes/careflight2016/js/
10 KB
3 KB
Script
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/js/main.min.js
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
9cf18f759e9c5510c65575e7df1566f9addf64e8a04e6d40d34325a4241402be

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Apr 2018 02:54:27 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"2662-5699ddfb01c06-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
2659
Expires
Sat, 18 Jul 2020 12:01:34 GMT
fbevents.js
connect.facebook.net/en_US/
131 KB
31 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
65/sZ9PxILlgesWVmCfS2jA2jdoF2X6rwTKHzXVQYMn3hz92C9SY0juIGW9sYxLj1PAV2ZOnD7ih69LoN5GHPQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 18 Jun 2020 12:01:32 GMT, Thu, 18 Jun 2020 12:01:32 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
xfbml.customerchat.js
connect.facebook.net/en_US/sdk/
261 KB
75 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8057874ffff44913741f7cccd8e375c8d1694f1f3a112e56f4ee0430cb0451f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
SslTNSC1VRbQTIGO7BaCTQ==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=3600
content-length
76934
etag
"c64ee62090118c57e3db2327d0062e36"
x-fb-debug
GjGym3v4qFfKDI53UmuFpZsVf8+72qtZ23dAwJ8Y+3t86Z6wl5b1NCemRmJjJSoaXf+ltj8xhEtXL3XQLAkl4g==
x-fb-trip-id
664085054
x-fb-content-md5
87d3667ff37689fe13fb6304cb5a6564
x-frame-options
DENY
date
Thu, 18 Jun 2020 12:01:32 GMT, Thu, 18 Jun 2020 12:01:32 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 18 Jun 2020 12:05:40 GMT
ico_down.png
careflight.org/wp-content/themes/careflight2016/img/
123 B
478 B
Image
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/img/ico_down.png
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
c85b4ec982cf6de7bb2b7b76bb26bd3686b5d2835db33490b483c1ba9d15a963

Request headers

Referer
https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:33 GMT
Last-Modified
Tue, 11 Oct 2016 02:05:27 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"7b-53e8d4f66c7c0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
123
Expires
Sat, 18 Jul 2020 12:01:33 GMT
ico_search_grey.svg
careflight.org/wp-content/themes/careflight2016/img/
749 B
826 B
Image
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/img/ico_search_grey.svg
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
04d7929ba4f2bd3278d40ef67a722d4e1460c7fa1a593c4e3c6ac4b5784c03a8

Request headers

Referer
https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:33 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 02:05:53 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"2ed-53e8d50f38240-gzip"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
414
Expires
Sat, 18 Jul 2020 12:01:33 GMT
bg_blue.png
careflight.org/wp-content/themes/careflight2016/img/
371 B
727 B
Image
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/img/bg_blue.png
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
aa147e2535dca18d1c6f35b61df283321e05835d43118cba60c8cd1f478bfc87

Request headers

Referer
https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:33 GMT
Last-Modified
Tue, 11 Oct 2016 02:04:55 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"173-53e8d4d7e7fc0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
371
Expires
Sat, 18 Jul 2020 12:01:33 GMT
ico_bread.svg
careflight.org/wp-content/themes/careflight2016/img/
438 B
705 B
Image
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/img/ico_bread.svg
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
751327d2a90499eb5a6c4a220113580933c957e42b0e4350c6abc9cef4d5fc54

Request headers

Referer
https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:33 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 02:05:13 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1b6-53e8d4e912840-gzip"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
293
Expires
Sat, 18 Jul 2020 12:01:33 GMT
Tax_appeal_2020_1-1400x499.jpg
careflight.org/media/
323 KB
323 KB
Image
General
Full URL
https://careflight.org/media/Tax_appeal_2020_1-1400x499.jpg
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
aa9946f3ea0301e1e49f90b74fcd479f7333b096298b7d0441b4cd51a5ac72d7

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:32 GMT
Last-Modified
Wed, 15 Apr 2020 06:11:36 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"50a44-5a34e304698b2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
330308
Expires
Sat, 18 Jul 2020 12:01:32 GMT
CenturyGothic-Bold.woff
careflight.org/wp-content/themes/careflight2016/fonts/
24 KB
25 KB
Font
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/fonts/CenturyGothic-Bold.woff
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
60b9498ecd22f33407fb44aba2af7c313d5991aa23666f7e3876d4944ea6b71d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
Origin
https://careflight.org

Response headers

Date
Thu, 18 Jun 2020 12:01:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Oct 2016 23:40:06 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"6094-53e8b4796e180-gzip"
Vary
Accept-Encoding
Content-Type
application/x-font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
24657
Expires
Sat, 18 Jul 2020 12:01:32 GMT
CenturyGothic-Regular.woff
careflight.org/wp-content/themes/careflight2016/fonts/
24 KB
25 KB
Font
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/fonts/CenturyGothic-Regular.woff
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8d81303ca0a6e8aad0fe6030abf5b3f1b3febe866a31e01c1221a11a4446f72d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
Origin
https://careflight.org

Response headers

Date
Thu, 18 Jun 2020 12:01:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Oct 2016 23:40:11 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"6180-53e8b47e32cc0-gzip"
Vary
Accept-Encoding
Content-Type
application/x-font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
24878
Expires
Sat, 18 Jul 2020 12:01:32 GMT
bbox-min.js
bbox.blackbaudhosting.com/webforms/
167 KB
55 KB
Script
General
Full URL
https://bbox.blackbaudhosting.com/webforms/bbox-min.js
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
2d687e30b200ff0349d6e0f975712494f0a5b689e98555b0b1bec7cc8c8878b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Sat, 06 Jun 2020 05:35:20 GMT
ETag
"01c5444c43bd61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Date
Thu, 18 Jun 2020 12:01:32 GMT
Accept-Ranges
bytes
Content-Length
55409
bg_blockquote1.jpg
careflight.org/wp-content/themes/careflight2016/img/
38 KB
38 KB
Image
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/img/bg_blockquote1.jpg
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
1ec9d45805459582fb9ad493c203c2221a57e65cb97aae39428e96b08ab4c527

Request headers

Referer
https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:35 GMT
Last-Modified
Tue, 11 Oct 2016 02:04:55 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"980a-53e8d4d7e7fc0"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
38922
Expires
Sat, 18 Jul 2020 12:01:35 GMT
bg_footer.png
careflight.org/wp-content/themes/careflight2016/img/
1 KB
2 KB
Image
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/img/bg_footer.png
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
6ed749cfc070ab413d757bb94a0f6f84044c80cfbcdcea860ab92a48b417209c

Request headers

Referer
https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:36 GMT
Last-Modified
Tue, 11 Oct 2016 02:04:57 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"5a0-53e8d4d9d0440"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
1440
Expires
Sat, 18 Jul 2020 12:01:36 GMT
ico_fb.svg
careflight.org/wp-content/themes/careflight2016/img/
853 B
840 B
Image
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/img/ico_fb.svg
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
759fe9a50c63d1a02d80fd4e56a78a1c55e4eb34649a0f5a5be72a367172ca77

Request headers

Referer
https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 02:05:33 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"355-53e8d4fc25540-gzip"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
428
Expires
Sat, 18 Jul 2020 12:01:36 GMT
ico_up_m_grey.png
careflight.org/wp-content/themes/careflight2016/img/
998 B
1 KB
Image
General
Full URL
https://careflight.org/wp-content/themes/careflight2016/img/ico_up_m_grey.png
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
40c45f169f29dcf56524d4b80851d7baa85e8ae730b40de495f2004fd2021758

Request headers

Referer
https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 12:01:33 GMT
Last-Modified
Sun, 13 Nov 2016 08:08:32 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3e6-5412a3aa6e000"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
998
Expires
Sat, 18 Jul 2020 12:01:33 GMT
2092665377671548
connect.facebook.net/signals/config/
516 KB
130 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2092665377671548?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7bcf71964e965622160d8cf62374abd1181c4c3a1114a3e5bffd6c0f00da0713
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
4AO9G5mDC9KcNefLtu2JmzGnEIA5W7hw+3y1cT/xCyJr8cb8X54wgfwCfqyhPI2Oe+osRq0HtGmK0yvOi51JxQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 18 Jun 2020 12:01:32 GMT, Thu, 18 Jun 2020 12:01:32 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
259 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2092665377671548&ev=PageView&dl=https%3A%2F%2Fcareflight.org%2Four-current-appeal-covid-19%2F&rl=&if=false&ts=1592481693005&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1592481693004.1604635961&it=1592481692830&coo=false&rqm=GET
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 12:01:33 GMT, Thu, 18 Jun 2020 12:01:33 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 18 Jun 2020 12:01:33 GMT
/
www.facebook.com/tr/
44 B
213 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2092665377671548&ev=Search&dl=https%3A%2F%2Fcareflight.org%2Four-current-appeal-covid-19%2F&rl=&if=false&ts=1592481693007&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1592481693004.1604635961&it=1592481692830&coo=false&rqm=GET
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 12:01:33 GMT, Thu, 18 Jun 2020 12:01:33 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 18 Jun 2020 12:01:33 GMT
/
www.facebook.com/tr/
0
82 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryKSLZQXKrjV57poXo

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 18 Jun 2020 12:01:33 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://careflight.org
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
ajax_loader_border2.gif
bbox.blackbaudhosting.com/webforms/images/
7 KB
7 KB
Image
General
Full URL
https://bbox.blackbaudhosting.com/webforms/images/ajax_loader_border2.gif
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
18a44681500a925fc32b3da12bf8c1f3b76d1bfed769546efa26258b2db1df2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Sat, 06 Jun 2020 05:33:24 GMT
ETag
"0ea2fffc33bd61:0"
Content-Type
image/gif
Cache-Control
no-cache
Date
Thu, 18 Jun 2020 12:01:33 GMT
Accept-Ranges
bytes
Content-Length
7160
recaptcha__en.js
www.gstatic.com/recaptcha/releases/oqtdXEs9TE9ZUAIhXNz5JBt_/
316 KB
124 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/oqtdXEs9TE9ZUAIhXNz5JBt_/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr_NEUAAAAAEZLBUC0dVdgimbjsUnR0RDStFhT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1262f412b65c8556101d256ab8b47e8e3d958826d190b3d2613b5bc3ebf8c2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Jun 2020 16:42:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Jun 2020 04:05:48 GMT
server
sffe
age
242325
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127301
x-xss-protection
0
expires
Tue, 15 Jun 2021 16:42:49 GMT
883658725102198
connect.facebook.net/signals/config/
516 KB
129 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/883658725102198?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0068d0785553f23b9ef0c3f6bec8b1a4031b33994574564b37aec74f3e7c01b0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
131672
x-xss-protection
0
pragma
public
x-fb-debug
Ucc7ep+1rbtlTP9u8Gmdfy2CPOPkoGq5OTjZurTDtdmDNQ6elcCKUligZplXXyXI9xzIQFyOMwy1ENhaDp0sqA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 18 Jun 2020 12:01:34 GMT, Thu, 18 Jun 2020 12:01:34 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
4916
date
Thu, 18 Jun 2020 10:39:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Thu, 18 Jun 2020 12:39:38 GMT
customerchat.php
www.facebook.com/v2.12/plugins/ Frame 40A4
0
0
Document
General
Full URL
https://www.facebook.com/v2.12/plugins/customerchat.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df314ab7c0d83ae%26domain%3Dcareflight.org%26origin%3Dhttps%253A%252F%252Fcareflight.org%252Ff573429068e5b4%26relation%3Dparent.parent&container_width=0&locale=en_US&page_id=111125825564374&request_time=1592481694649&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; frame-ancestors https://careflight.org;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.12/plugins/customerchat.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df314ab7c0d83ae%26domain%3Dcareflight.org%26origin%3Dhttps%253A%252F%252Fcareflight.org%252Ff573429068e5b4%26relation%3Dparent.parent&container_width=0&locale=en_US&page_id=111125825564374&request_time=1592481694649&sdk=joey
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://careflight.org/our-current-appeal-covid-19/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
fr=00dg5RpCue0U3c0Df..Be61ed...1.0.Be61ed.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://careflight.org/our-current-appeal-covid-19/

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; frame-ancestors https://careflight.org;
vary
Accept-Encoding
x-content-type-options
nosniff
facebook-api-version
v3.0
x-xss-protection
0
content-type
text/html; charset="utf-8"
x-fb-debug
4HbalVFU0KY7swDxKu3eG5ITcBBrsvyvukfCLREGnPOAvqxgjJc+45nB5npZQ3UhJ92TDUEHM/8HFbvqpUr3HA==
date
Thu, 18 Jun 2020 12:01:34 GMT Thu, 18 Jun 2020 12:01:34 GMT
alt-svc
h3-27=":443"; ma=3600
MongoServer.html
bbox.blackbaudhosting.com/webforms/custom/mongo/scripts/ Frame 5E54
0
0
Document
General
Full URL
https://bbox.blackbaudhosting.com/webforms/custom/mongo/scripts/MongoServer.html?xdm_e=https%3A%2F%2Fcareflight.org&xdm_c=default7618&xdm_p=1
Requested by
Host: bbox.blackbaudhosting.com
URL: https://bbox.blackbaudhosting.com/webforms/bbox-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
bbox.blackbaudhosting.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://careflight.org/our-current-appeal-covid-19/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
NSC_QH-PMY=ffffffff090c1aab45525d5f4f58455e445a4a42378b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://careflight.org/our-current-appeal-covid-19/

Response headers

Cache-Control
no-cache
Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Sat, 06 Jun 2020 05:33:24 GMT
Accept-Ranges
bytes
ETag
"0ea2fffc33bd61:0"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Date
Thu, 18 Jun 2020 12:01:34 GMT
Content-Length
397
anchor
www.google.com/recaptcha/api2/ Frame 32E7
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr_NEUAAAAAEZLBUC0dVdgimbjsUnR0RDStFhT&co=aHR0cHM6Ly9jYXJlZmxpZ2h0Lm9yZzo0NDM.&hl=en&v=oqtdXEs9TE9ZUAIhXNz5JBt_&size=invisible&cb=6ekivwwkl02
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/oqtdXEs9TE9ZUAIhXNz5JBt_/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pDTj8+FMZnxMyqcqizlPEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Lcr_NEUAAAAAEZLBUC0dVdgimbjsUnR0RDStFhT&co=aHR0cHM6Ly9jYXJlZmxpZ2h0Lm9yZzo0NDM.&hl=en&v=oqtdXEs9TE9ZUAIhXNz5JBt_&size=invisible&cb=6ekivwwkl02
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://careflight.org/our-current-appeal-covid-19/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=204=ZBZJnrF7EvvkHLnE4xF_roXS86dtmscY2Y9CxiEOpQopIMFdmqjzAgnCa_8Zqg3JqxRdgpDyLo7drcCS9JyJawnM0zU-P1K2PLB3P6Gx633FDmhkxxK2vbBC_qQwjLp109Sn6V_5UNZmdvhX1D8bMaHeF5btLg_PXihLn8ksCZo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://careflight.org/our-current-appeal-covid-19/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 18 Jun 2020 12:01:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-pDTj8+FMZnxMyqcqizlPEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9550
server
GSE
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/
35 B
130 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=368773058&t=pageview&_s=1&dl=https%3A%2F%2Fcareflight.org%2Four-current-appeal-covid-19%2F&ul=en-us&de=UTF-8&dt=Our%20Current%20Appeal%20-%20CareFlight&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=1682176091.1592481694&tid=UA-46016039-1&_gid=2095702533.1592481694&z=79639526
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 16:45:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
587790
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
129 B
Image
General
Full URL
https://www.facebook.com/tr/?id=883658725102198&ev=PageView&dl=https%3A%2F%2Fcareflight.org%2Four-current-appeal-covid-19%2F&rl=&if=false&ts=1592481694792&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1592481693004.1604635961&it=1592481692830&coo=false&rqm=GET
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 12:01:34 GMT, Thu, 18 Jun 2020 12:01:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 18 Jun 2020 12:01:34 GMT
/
www.facebook.com/tr/
0
59 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryhKw6r9Vh1h8NizzD

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 18 Jun 2020 12:01:35 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://careflight.org
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
bubble
www.facebook.com/v2.12/plugins/customer_chat/ Frame C2B3
0
0
Document
General
Full URL
https://www.facebook.com/v2.12/plugins/customer_chat/bubble
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.12/plugins/customer_chat/bubble
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://careflight.org/our-current-appeal-covid-19/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
fr=00dg5RpCue0U3c0Df..Be61ed...1.0.Be61ed.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://careflight.org/our-current-appeal-covid-19/

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary
Accept-Encoding
x-content-type-options
nosniff
facebook-api-version
v3.0
x-xss-protection
0
content-type
text/html; charset="utf-8"
x-fb-debug
bWS9YagMLevMCQX8odyM2TxMFATTIWoKzG2jffFNO10ju4Gr7ydnHzl8Y5lS3y5FqgxZPL3oAcRlWoKtgWLA0A==
date
Thu, 18 Jun 2020 12:01:35 GMT Thu, 18 Jun 2020 12:01:35 GMT
alt-svc
h3-27=":443"; ma=3600
Tax-Appeal-Online-Form----Copy---239815---Generated.637277825432800000.css
bbox.blackbaudhosting.com/webforms/
45 KB
7 KB
Stylesheet
General
Full URL
https://bbox.blackbaudhosting.com/webforms/Tax-Appeal-Online-Form----Copy---239815---Generated.637277825432800000.css?id=467715&nodefaults=1
Requested by
Host: bbox.blackbaudhosting.com
URL: https://bbox.blackbaudhosting.com/webforms/bbox-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
4f2cffe5af92d457840260f7f0879cc91b05e2bf4234ad3785d3050d15e44b1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 01:49:03 GMT
Date
Thu, 18 Jun 2020 12:01:36 GMT
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
private
Content-Length
7148
4a1e2070-f4a2-4c5d-aaca-1e0b9544f927.637277825429370000.css
bbox.blackbaudhosting.com/webforms/
7 KB
1 KB
Stylesheet
General
Full URL
https://bbox.blackbaudhosting.com/webforms/4a1e2070-f4a2-4c5d-aaca-1e0b9544f927.637277825429370000.css?id=467716&nodefaults=1
Requested by
Host: bbox.blackbaudhosting.com
URL: https://bbox.blackbaudhosting.com/webforms/bbox-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
b8c7ca70defa31e5be92f8af7ea5d98ed7a40d703968b24c8fcacebcc27a38a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 01:49:02 GMT
Date
Thu, 18 Jun 2020 12:01:36 GMT
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
private
Content-Length
894
bbox-donation-min.js
bbox.blackbaudhosting.com/webforms/custom/mongo/scripts/
34 KB
10 KB
Script
General
Full URL
https://bbox.blackbaudhosting.com/webforms/custom/mongo/scripts/bbox-donation-min.js?v=-805298176
Requested by
Host: bbox.blackbaudhosting.com
URL: https://bbox.blackbaudhosting.com/webforms/bbox-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
a3834b099917ad50875fa35b176e16d18d8b5c1648ed6e9040dca7c77c88503d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Sat, 06 Jun 2020 05:35:24 GMT
ETag
"076b646c43bd61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Date
Thu, 18 Jun 2020 12:01:36 GMT
Accept-Ranges
bytes
Content-Length
9693
api.js
www.google.com/recaptcha/
734 B
559 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=renderReCAPTCHA&render=explicit&_=1592481697295
Requested by
Host: bbox.blackbaudhosting.com
URL: https://bbox.blackbaudhosting.com/webforms/bbox-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
67cf7e93daf7aa009775adb9ad6e76c28c695c6e51b188b6d649d6eb146ee959
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 12:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
468
x-xss-protection
1; mode=block
expires
Thu, 18 Jun 2020 12:01:37 GMT
bboxhelp.png
bbox.blackbaudhosting.com/webforms/images/
531 B
797 B
Image
General
Full URL
https://bbox.blackbaudhosting.com/webforms/images/bboxhelp.png
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
058000394cc485bd8bd3a84871840fed25416bc309d618b0e014f33d4fa6f811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Sat, 06 Jun 2020 05:33:24 GMT
ETag
"0ea2fffc33bd61:0"
Content-Type
image/png
Cache-Control
no-cache
Date
Thu, 18 Jun 2020 12:01:36 GMT
Accept-Ranges
bytes
Content-Length
531
amex_normal.png
bbox.blackbaudhosting.com/webforms/images/cards/
4 KB
4 KB
Image
General
Full URL
https://bbox.blackbaudhosting.com/webforms/images/cards/amex_normal.png
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
5656cda8005313644d73fa53b51ada197ee1c25a5df5fd1dfa9c7a2d49f74193
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Sat, 06 Jun 2020 05:33:24 GMT
ETag
"0ea2fffc33bd61:0"
Content-Type
image/png
Cache-Control
no-cache
Date
Thu, 18 Jun 2020 12:01:36 GMT
Accept-Ranges
bytes
Content-Length
3809
diners_normal.png
bbox.blackbaudhosting.com/webforms/images/cards/
0
0
Image
General
Full URL
https://bbox.blackbaudhosting.com/webforms/images/cards/diners_normal.png
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

mastercard_normal.png
bbox.blackbaudhosting.com/webforms/images/cards/
3 KB
3 KB
Image
General
Full URL
https://bbox.blackbaudhosting.com/webforms/images/cards/mastercard_normal.png
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
328d74f5028f8f5f02f611ea9231dfccec0654f92c6bbcb1225f292d25b0c706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Sat, 06 Jun 2020 05:33:24 GMT
ETag
"0ea2fffc33bd61:0"
Content-Type
image/png
Cache-Control
no-cache
Date
Thu, 18 Jun 2020 12:01:36 GMT
Accept-Ranges
bytes
Content-Length
2896
visa_normal.png
bbox.blackbaudhosting.com/webforms/images/cards/
2 KB
2 KB
Image
General
Full URL
https://bbox.blackbaudhosting.com/webforms/images/cards/visa_normal.png
Requested by
Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
d7889b1aa77c609f75d849db2fee1575bc403b5518448332d4cdf946dae0823b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://careflight.org/our-current-appeal-covid-19/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Sat, 06 Jun 2020 05:33:24 GMT
ETag
"0ea2fffc33bd61:0"
Content-Type
image/png
Cache-Control
no-cache
Date
Thu, 18 Jun 2020 12:01:36 GMT
Accept-Ranges
bytes
Content-Length
1896
anchor
www.google.com/recaptcha/api2/ Frame 0DFF
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdkFJMUAAAAAB1v49N1aaMoEPH85Qvfib4VqlNH&co=aHR0cHM6Ly9jYXJlZmxpZ2h0Lm9yZzo0NDM.&hl=en&v=oqtdXEs9TE9ZUAIhXNz5JBt_&size=invisible&cb=wz850ucmctj0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/oqtdXEs9TE9ZUAIhXNz5JBt_/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tWFpDhBUt2vNlgmWkmZpSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LdkFJMUAAAAAB1v49N1aaMoEPH85Qvfib4VqlNH&co=aHR0cHM6Ly9jYXJlZmxpZ2h0Lm9yZzo0NDM.&hl=en&v=oqtdXEs9TE9ZUAIhXNz5JBt_&size=invisible&cb=wz850ucmctj0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://careflight.org/our-current-appeal-covid-19/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
1P_JAR=2020-06-18-12; NID=204=rHkcnYC86v5S9Sft-ZXWsS94mtgwxpcpKcAV1BFZZT3I8Rgi-Tt5xxHR0BWjQtCEhVoGjDYK2POlf-zbpi5zjILwWQYnFHdBDTpXHpbrxqe-1SbcXaxHjiLkgdj8OFKxsUXjuvWP6Dz57p1GJD6Bd4GcIeqtNzkIJ-Yag1KVzZM; CONSENT=WP.287fb8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://careflight.org/our-current-appeal-covid-19/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 18 Jun 2020 12:01:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-tWFpDhBUt2vNlgmWkmZpSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10137
server
GSE
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bframe
www.google.com/recaptcha/api2/ Frame 23E1
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=oqtdXEs9TE9ZUAIhXNz5JBt_&k=6LdkFJMUAAAAAB1v49N1aaMoEPH85Qvfib4VqlNH&cb=dysoeysuod54
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/oqtdXEs9TE9ZUAIhXNz5JBt_/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sW3aCL9lzCq8xKCRjZHhMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=oqtdXEs9TE9ZUAIhXNz5JBt_&k=6LdkFJMUAAAAAB1v49N1aaMoEPH85Qvfib4VqlNH&cb=dysoeysuod54
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://careflight.org/our-current-appeal-covid-19/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
1P_JAR=2020-06-18-12; NID=204=rHkcnYC86v5S9Sft-ZXWsS94mtgwxpcpKcAV1BFZZT3I8Rgi-Tt5xxHR0BWjQtCEhVoGjDYK2POlf-zbpi5zjILwWQYnFHdBDTpXHpbrxqe-1SbcXaxHjiLkgdj8OFKxsUXjuvWP6Dz57p1GJD6Bd4GcIeqtNzkIJ-Yag1KVzZM; CONSENT=WP.287fb8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://careflight.org/our-current-appeal-covid-19/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 18 Jun 2020 12:01:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-sW3aCL9lzCq8xKCRjZHhMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1176
server
GSE
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| iFrameResize function| fbq function| _fbq object| root function| addAnnouncementCookie function| Cookies function| bboxInit function| $ function| jQuery object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin object| FB undefined| _bboxDefine boolean| resetDefaultValue object| BBOX string| _MongoServerUrlBase string| _MongoServerUrl undefined| btnSecurePayment boolean| hasBeenCalled object| BBOXReCAPTCHAv2 function| renderReCAPTCHA object| easyXDM object| bbox function| bb$ function| sharePopup object| wpcf7 object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| recaptcha function| getScrollBarWidth function| _ object| Fresco function| Headroom function| getScrollbarWidth function| group function| mobileCheck function| headerHeightAdjust function| videoCarouselInit function| videoCarouselResize object| videoCarouselSlider boolean| videoCarouselSliderInit object| videoCarouselSettings string| GoogleAnalyticsObject function| ga object| iframes object| closure_lm_806598 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| BBOXFormAddressBlock object| BBOXSectionScripts object| BBOXBillingSection object| BBOXPaymentSection object| BBOXValidation object| BBOXDesignationSection object| BBOXDonationForm object| BBOXForm object| BBOXGiftAttributesSection function| bbFormToggleGivingLevels object| BBOXGiftSection object| BBOXRecurrenceSection object| BBOXTributeSection object| closure_lm_116768

11 Cookies

Domain/Path Name / Value
.google.com/ Name: CONSENT
Value: WP.287fb8
.google.com/ Name: NID
Value: 204=rHkcnYC86v5S9Sft-ZXWsS94mtgwxpcpKcAV1BFZZT3I8Rgi-Tt5xxHR0BWjQtCEhVoGjDYK2POlf-zbpi5zjILwWQYnFHdBDTpXHpbrxqe-1SbcXaxHjiLkgdj8OFKxsUXjuvWP6Dz57p1GJD6Bd4GcIeqtNzkIJ-Yag1KVzZM
.google.com/ Name: 1P_JAR
Value: 2020-06-18-12
.facebook.com/ Name: fr
Value: 00dg5RpCue0U3c0Df..Be61ed...1.0.Be61ed.
.careflight.org/ Name: _gid
Value: GA1.2.2095702533.1592481694
.careflight.org/ Name: _gat
Value: 1
.careflight.org/ Name: _fbp
Value: fb.1.1592481693004.1604635961
bbox.blackbaudhosting.com/ Name: ASP.NET_SessionId
Value: 33wwbe4i1n5ge4vlj4hwddn4
bbox.blackbaudhosting.com/ Name: NSC_QH-PMY
Value: ffffffff090c1aab45525d5f4f58455e445a4a42378b
.careflight.org/ Name: _ga
Value: GA1.2.1682176091.1592481694
careflight.org/ Name: careflight_loading
Value: true

6 Console Messages

Source Level URL
Text
console-api warning URL: https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js(Line 10)
Message:
GSAP target [object Object] not found. https://greensock.com
console-api warning URL: https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js(Line 10)
Message:
GSAP target not found. https://greensock.com
console-api warning URL: https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js(Line 10)
Message:
GSAP target [object Object] not found. https://greensock.com
console-api warning URL: https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js(Line 10)
Message:
GSAP target not found. https://greensock.com
console-api log URL: https://careflight.org/wp-content/plugins/careflight-covid/js/careflight-covid.js(Line 1)
Message:
DOM Ready…
console-api log URL: https://careflight.org/wp-content/plugins/careflight-covid/js/careflight-covid.js(Line 1)
Message:
Fully Loaded…

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bbox.blackbaudhosting.com
careflight.org
cdnjs.cloudflare.com
connect.facebook.net
donate.careflight.org
fonts.googleapis.com
www.facebook.com
www.google-analytics.com
www.google.com
www.gstatic.com
103.242.49.245
216.235.207.153
2606:4700::6810:84e5
2a00:1450:4001:802::200a
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2004
2a00:1450:4001:821::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
61.14.102.28
0068d0785553f23b9ef0c3f6bec8b1a4031b33994574564b37aec74f3e7c01b0
04d7929ba4f2bd3278d40ef67a722d4e1460c7fa1a593c4e3c6ac4b5784c03a8
058000394cc485bd8bd3a84871840fed25416bc309d618b0e014f33d4fa6f811
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1262f412b65c8556101d256ab8b47e8e3d958826d190b3d2613b5bc3ebf8c2e2
18a44681500a925fc32b3da12bf8c1f3b76d1bfed769546efa26258b2db1df2f
1b146e335e184e551f5793bed9a8a8a41b04a9c6218b332c75c1d17fcda17a51
1ec9d45805459582fb9ad493c203c2221a57e65cb97aae39428e96b08ab4c527
2717d276b35434202bf3ffcbaec028c33ff5831624a23f93cb4de882ddb44e6b
286acdb13f485e867c91a935546adb91fd560b48d9112b4fad7e03883c15d815
2bc24196b7a54ea5b375954cee8b26cd5d247a609b2c6e2e4394ec295aed5ba2
2d687e30b200ff0349d6e0f975712494f0a5b689e98555b0b1bec7cc8c8878b6
328d74f5028f8f5f02f611ea9231dfccec0654f92c6bbcb1225f292d25b0c706
3a30d6c0e5d80748803ed43548af50afbafe0dea396c6aeae5302f69475d4f4e
40c45f169f29dcf56524d4b80851d7baa85e8ae730b40de495f2004fd2021758
468fa113e197755326dc3ef8855b867785af4a7280675a014c9137055cda0d66
4c004b5da51137c8cb98bbcb2c7ac5bb2c84bd0362065807b4f76160b85c5271
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
4f2cffe5af92d457840260f7f0879cc91b05e2bf4234ad3785d3050d15e44b1f
5656cda8005313644d73fa53b51ada197ee1c25a5df5fd1dfa9c7a2d49f74193
60b9498ecd22f33407fb44aba2af7c313d5991aa23666f7e3876d4944ea6b71d
67cf7e93daf7aa009775adb9ad6e76c28c695c6e51b188b6d649d6eb146ee959
6ed749cfc070ab413d757bb94a0f6f84044c80cfbcdcea860ab92a48b417209c
751327d2a90499eb5a6c4a220113580933c957e42b0e4350c6abc9cef4d5fc54
759fe9a50c63d1a02d80fd4e56a78a1c55e4eb34649a0f5a5be72a367172ca77
786b58610788fd938ae249f403907d9896a0303702911df6e18c91dbb45e6c5b
7a16d7f2f59e0c2ce6d219e6663ef2fc53fc7dfdfabcc3f42d8d7d73c72c7fc1
7bcf71964e965622160d8cf62374abd1181c4c3a1114a3e5bffd6c0f00da0713
7e78c502164e5f4af303f1596e393be57199dbf52a7d0baaeb569cc1f4dd99bb
8057874ffff44913741f7cccd8e375c8d1694f1f3a112e56f4ee0430cb0451f7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8436d428ac9fc16c10356bb4acc7febe0446d4c60bc628d32a8cce32b4aa6724
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8b1da6619d6731f4c0a60d03896c941f261c0f0bf8588391643450ad0613d4d4
8d27417e97dd6f91c27a5c5b7c8631eca5d7dfadfa666c5b938dd2d7527040de
8d81303ca0a6e8aad0fe6030abf5b3f1b3febe866a31e01c1221a11a4446f72d
9cf18f759e9c5510c65575e7df1566f9addf64e8a04e6d40d34325a4241402be
a3834b099917ad50875fa35b176e16d18d8b5c1648ed6e9040dca7c77c88503d
aa147e2535dca18d1c6f35b61df283321e05835d43118cba60c8cd1f478bfc87
aa9946f3ea0301e1e49f90b74fcd479f7333b096298b7d0441b4cd51a5ac72d7
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b8c7ca70defa31e5be92f8af7ea5d98ed7a40d703968b24c8fcacebcc27a38a1
bfa5856d0fe8397f95aecb52b2a3a01fdb7122432fdba3c22615a394245ea728
c45687c5602a758f0b7a774a3f6e378439933081cc6f4018090dd979fa2212fa
c85b4ec982cf6de7bb2b7b76bb26bd3686b5d2835db33490b483c1ba9d15a963
d7889b1aa77c609f75d849db2fee1575bc403b5518448332d4cdf946dae0823b
ddaae7809050477153c9e46d2f79ae00615a19c2fc887b2e6d83aaab8f2604bc
dec2ef0b6843c1b310d824f841cea765bdf85cb4700b942b010aa8aa1c201d88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b1fe2afad897c08a815e32ae07eeaa7db58ecfe48d75622db313450ebb59e9
f029937a965dfc36c373189845e327ba1cfe14f0eb87b61bc1a8aeb46dd0315b
f07fb6ddc3a2b18bc838ff26f6a3685175756126d6ba6c196e8986389a030d56
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955