urlscan.io logo urlscan.io
SecurityTrails logo

support.ucsusa.org Open in urlscan Pro
2606:4700:20::ac43:4562  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://support.ucsusa.org/
Effective URL: https://support.ucsusa.org/
Submission: On December 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 6 countries across 36 domains to perform 56 HTTP transactions. The main IP is 2606:4700:20::ac43:4562, located in United States and belongs to CLOUDFLARENET, US. The main domain is support.ucsusa.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 11th 2023. Valid for: a year.
This is the only time support.ucsusa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 23.56.201.9 16625 (AKAMAI-AS)
1 18.155.129.83 16509 (AMAZON-02)
1 2600:1901:0:7... 15169 (GOOGLE)
3 20.60.58.97 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.186.70 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2600:9000:214... 16509 (AMAZON-02)
2 2620:116:800d... 16509 (AMAZON-02)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 18.66.112.57 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.45.234.166 14618 (AMAZON-AES)
1 2600:9000:223... 16509 (AMAZON-02)
4 7 193.0.160.131 54312 (ROCKETFUEL)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 212.82.100.181 34010 (YAHOO-IRD)
4 4 13.32.27.83 16509 (AMAZON-02)
3 35.244.174.68 396982 (GOOGLE-CL...)
1 1 142.250.186.162 15169 (GOOGLE)
1 2 37.252.171.53 29990 (ASN-APPNEX)
1 2 54.194.27.175 16509 (AMAZON-02)
1 198.47.127.205 3257 (GTT-BACKB...)
1 35.244.159.8 15169 (GOOGLE)
1 3.122.214.165 16509 (AMAZON-02)
1 95.101.148.20 16625 (AKAMAI-AS)
1 34.197.216.192 14618 (AMAZON-AES)
1 2 104.18.36.155 13335 (CLOUDFLAR...)
1 2.23.197.190 16625 (AKAMAI-AS)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 52.57.113.187 16509 (AMAZON-02)
1 18.203.91.219 16509 (AMAZON-02)
1 52.59.67.89 16509 (AMAZON-02)
2 2 151.101.66.49 54113 (FASTLY)
56 39
7    2606:4700:20::ac43:4562 (United States)

ASN13335 (CLOUDFLARENET, US)
support.ucsusa.org
1    23.56.201.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-201-9.deploy.static.akamaitechnologies.com
cloud.typography.com
1    18.155.129.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-83.cdg52.r.cloudfront.net
fonts.ucsaction.org
1    2600:1901:0:7b8a:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
ucsusa.gitlab.io
3    20.60.58.97 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
nvlupin.blob.core.windows.net
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
8188095.fls.doubleclick.net
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2600:9000:214f:f800:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)
c1.rfihub.net
2    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
1    18.66.112.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-57.fra56.r.cloudfront.net
js.ipredictive.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    52.45.234.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-234-166.compute-1.amazonaws.com
ad.ipredictive.com
1    2600:9000:223c:e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
7    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
20802620p.rfihub.com
p.rfihub.com
a.rfihub.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
4    13.32.27.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-83.fra56.r.cloudfront.net
live.rezync.com
3    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
2    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    54.194.27.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-27-175.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
1    34.197.216.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-216-192.compute-1.amazonaws.com
bpi.rtactivate.com
2    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
1    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
1    2600:1f18:612b:4232:a102:620e:4cbd:9b41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
1    52.57.113.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-113-187.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    18.203.91.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    52.59.67.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-67-89.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
Apex Domain
Subdomains		 Transfer
7 rfihub.com
20802620p.rfihub.com — Cisco Umbrella Rank: 813983
p.rfihub.com — Cisco Umbrella Rank: 825
a.rfihub.com — Cisco Umbrella Rank: 2935
12 KB
7 ucsusa.org
support.ucsusa.org
71 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
8188095.fls.doubleclick.net — Cisco Umbrella Rank: 754515
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
4 KB
4 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
3 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
149 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 93
1 KB
3 windows.net
nvlupin.blob.core.windows.net — Cisco Umbrella Rank: 53030
22 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
619 B
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6765
562 B
2 ipredictive.com
js.ipredictive.com — Cisco Umbrella Rank: 15863
ad.ipredictive.com — Cisco Umbrella Rank: 5212
3 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 630
7 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1276
pixel.quantserve.com — Cisco Umbrella Rank: 1011
10 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
89 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
196 KB
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
146 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 699
338 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 499
377 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1153
175 B
1 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1554
182 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1491
109 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 665
619 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 981
344 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 491
264 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 859
225 B
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1308
633 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1296
2 KB
1 rfihub.net
c1.rfihub.net — Cisco Umbrella Rank: 5475
6 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 864
7 KB
1 gitlab.io
ucsusa.gitlab.io
23 KB
1 ucsaction.org
fonts.ucsaction.org — Cisco Umbrella Rank: 699953
240 KB
1 typography.com
cloud.typography.com — Cisco Umbrella Rank: 7347
440 B
56 36
Domain Requested by
7 support.ucsusa.org 1 redirects support.ucsusa.org
static.cloudflareinsights.com
4 p.rfihub.com 3 redirects
4 live.rezync.com 4 redirects
3 idsync.rlcdn.com
3 nvlupin.blob.core.windows.net support.ucsusa.org
2 sync-tm.everesttech.net 2 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 dpm.demdex.net 1 redirects
2 ib.adnxs.com 1 redirects
2 a.rfihub.com 1 redirects c1.rfihub.net
2 www.google.de
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 s.yimg.com support.ucsusa.org
s.yimg.com
2 connect.facebook.net support.ucsusa.org
connect.facebook.net
2 8188095.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com support.ucsusa.org
www.googletagmanager.com
1 x.bidswitch.net
1 beacon.krxd.net
1 aa.agkn.com
1 partners.tremorhub.com
1 x.dlx.addthis.com
1 bpi.rtactivate.com
1 contextual.media.net
1 ps.eyeota.net
1 us-u.openx.net
1 image2.pubmatic.com
1 cm.g.doubleclick.net 1 redirects
1 sp.analytics.yahoo.com
1 www.facebook.com
1 adservice.google.com 8188095.fls.doubleclick.net
1 pixel.quantserve.com
1 www.google.com
1 20802620p.rfihub.com c1.rfihub.net
1 rules.quantcount.com secure.quantserve.com
1 ad.ipredictive.com js.ipredictive.com
1 region1.analytics.google.com www.googletagmanager.com
1 js.ipredictive.com www.googletagmanager.com
1 secure.quantserve.com support.ucsusa.org
1 c1.rfihub.net support.ucsusa.org
1 googleads.g.doubleclick.net www.googletagmanager.com
1 static.cloudflareinsights.com support.ucsusa.org
1 ucsusa.gitlab.io support.ucsusa.org
1 fonts.ucsaction.org support.ucsusa.org
1 cloud.typography.com 1 redirects
56 45
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh
*.gitlab.io
AlphaSSL CA - SHA256 - G4		 2023-01-12 -
2024-02-13		 a year crt.sh
*.blob.core.windows.net
Microsoft Azure TLS Issuing CA 05		 2023-11-16 -
2024-06-27		 7 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-30 -
2023-12-29		 3 months crt.sh
*.rfihub.net
Amazon RSA 2048 M03		 2023-10-31 -
2024-11-28		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-12 -
2024-01-31		 2 months crt.sh
*.ipredictive.com
Amazon RSA 2048 M02		 2023-03-14 -
2024-04-11		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-27 -
2024-04-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-24 -
2024-04-17		 6 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh

This page contains 5 frames:

Primary Page: https://support.ucsusa.org/
Frame ID: 10E75E5F88E8C3CA5BFC258FCC8CC4DD
Requests: 40 HTTP requests in this frame

Frame: https://8188095.fls.doubleclick.net/activityi;dc_pre=CPfO5aPmooMDFVQPogMdY5YNsA;src=8188095;type=site;cat=ucs-g0;ord=1619902738898;auiddc=2130394128.1703239686;u1=%2F;gtm=45He3bt0v6541836;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsupport.ucsusa.org%2F
Frame ID: D32D3EE198429C2E7AA31B043416FDDE
Requests: 2 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=108146&cache_buster=1703239686&url=https%3A%2F%2Fsupport.ucsusa.org%2F&val=undefined&tn=undefined&itms=undefined&p1=https%3A%2F%2Fsupport.ucsusa.org%2F&p2=undefined
Frame ID: A1F9B3B919AA71F26EAC5DF3C2A7C0BF
Requests: 1 HTTP requests in this frame

Frame: https://20802620p.rfihub.com/ca.html?ver=9&rb=35937&ca=20802620&_o=35937&_t=20802620&pe=https%3A%2F%2Fsupport.ucsusa.org%2F&pf=&ra=3097061380739372
Frame ID: 7EEB50959F5D036B5845A6F243EA84AE
Requests: 18 HTTP requests in this frame

Frame: https://a.rfihub.com/pstats.html?rb=35937&ca=20802620&ri=b966ad455015e180a2ec35e4363d0370&stats=%7B%2213488%22%3A%221112%2C2%22%2C%2217243%22%3A%22191%2C1%22%2C%2242261%22%3A%22151%2C1%22%2C%2250495%22%3A%22679%2C1%22%2C%2252220%22%3A%22218%2C1%22%2C%2253935%22%3A%22270%2C1%22%2C%2254497%22%3A%22371%2C1%22%2C%2254855%22%3A%22227%2C2%22%2C%2254863%22%3A%22647%2C1%22%2C%2255073%22%3A%22306%2C2%22%2C%2256659%22%3A%22399%2C1%22%2C%2256885%22%3A%22353%2C2%22%2C%2257347%22%3A%22425%2C2%22%2C%2257363%22%3A%22694%2C1%22%2C%2258143%22%3A%22197%2C1%22%2C%2258553%22%3A%22646%2C2%22%2C%2258561%22%3A%22435%2C1%22%7D&ra=11777298593690477
Frame ID: 2B81F5F7CC390AEDE4CFE07E8C25E00A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fight for Science. Donate Now.

Page URL History Show full URLs

  1. http://support.ucsusa.org/ HTTP 301
    https://support.ucsusa.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

56
Requests

86 %
HTTPS

43 %
IPv6

36
Domains

45
Subdomains

39
IPs

6
Countries

805 kB
Transfer

1659 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://support.ucsusa.org/ HTTP 301
    https://support.ucsusa.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://cloud.typography.com/6045052/6787212/css/fonts.css HTTP 302
  • https://fonts.ucsaction.org/2019/752037/49109C308C5988827.css
Request Chain 20
  • https://8188095.fls.doubleclick.net/activityi;src=8188095;type=site;cat=ucs-g0;ord=1619902738898;auiddc=2130394128.1703239686;u1=%2F;gtm=45He3bt0v6541836;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsupport.ucsusa.org%2F HTTP 302
  • https://8188095.fls.doubleclick.net/activityi;dc_pre=CPfO5aPmooMDFVQPogMdY5YNsA;src=8188095;type=site;cat=ucs-g0;ord=1619902738898;auiddc=2130394128.1703239686;u1=%2F;gtm=45He3bt0v6541836;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsupport.ucsusa.org%2F
Request Chain 43
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831700038333&referrer=https%3A%2F%2Fsupport.ucsusa.org%2F&forward= HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%3A1703239686.8247058&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%253A1703239686.8247058%26_%3D1703239686.8257556&cb=1703239686.8257864 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831700038333&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%253A1703239686.8247058%26_%3D1703239686.8257556 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%3A1703239686.8247058&_=1703239686.8257556
Request Chain 44
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwNzQzMzgzMTcwMDAzODMzMw==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEEu1AfTDyJOKPPMOV-pLmFo&google_cver=1 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831700038333&referrer={encSite}&forward= HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%3A1703239686.8247058&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%253A1703239686.8247058%26_%3D1703239687.2063985&cb=1703239687.2064266 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831700038333&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%253A1703239686.8247058%26_%3D1703239687.2063985 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%3A1703239686.8247058&_=1703239687.2063985
Request Chain 45
  • https://ib.adnxs.com/setuid?entity=18&code=5107433831700038333 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5107433831700038333
Request Chain 46
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5107433831700038333&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5107433831700038333&redir=
Request Chain 49
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=5107433831700038333&bid=omt9pi0
Request Chain 52
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433831700038333&forward= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433831700038333&forward=&C=1
Request Chain 59
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZYVgBwAIyq5q0QBd HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=ZYVgBwAIyq5q0QBd&_test=ZYVgBwAIyq5q0QBd

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
support.ucsusa.org/
Redirect Chain
  • http://support.ucsusa.org/
  • https://support.ucsusa.org/
38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://support.ucsusa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4562 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9854ce3a511b5c2d977e5180228b6974cf0c45d4f38647773d5d31590dc75c79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75114
alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
83978fbfef144d3d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 22 Dec 2023 10:08:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2IO2HiOhcL8EveyFQB8xFcVgVbvRGFC6WWNMKllT3PrnS3zXs5WONYqDHwFoXpwXBrNT54Msir7BEDoqG2hZqfIMYpxm%2BjrR9NHAYHmKt%2BtczjIIvtAbCEy9jMO9pygg%2B1apVSLXDmvmz6J4tbgPg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01HJ8FY56P19QNTBNKC1JWM89Y

Redirect headers

CF-RAY
83978fbf082f6add-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 22 Dec 2023 10:08:04 GMT
Expires
Fri, 22 Dec 2023 11:08:04 GMT
Location
https://support.ucsusa.org/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79zkIWwhGWGiRq61c3SbZl%2BYWvMuPck%2FRESw%2FU66rnQL9zDRI84xu4xO2hE7goqIaxPyz9zxR%2Fo92O5WAGKwQkLiok%2F8MW28V3G%2FW7jexh4vIV2jUysN%2FQXTfGHYqXHeXcQJCkrK%2BYAhRnuwx6hIPA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
style.min.css
support.ucsusa.org/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://support.ucsusa.org/style.min.css
Requested by
Host: support.ucsusa.org
URL: https://support.ucsusa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4562 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc6ad0aa3dac4cf14814fb2dd90816f264cfd4ca407fde9a3ed62d5f9686213a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HJ8FY5CCZNVZTFNYNXP6D0BA
date
Fri, 22 Dec 2023 10:08:05 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"a04420c4afd95c2566001f8bd0c5d0d1-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3P%2Bzfvv3wdssi4xohQfxvZIYbILoQ5KAEEaeKshcJGzlsUmAnpsWxDXDN%2FycyFwKTK8tK0KO1zhBf1wyp905g6hVFAx7cdQ3hMfUyNr2FmmYDshvzuhZa8%2FXNMPROKeAAwzHCnbRVD05DRwu0%2BpwTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400, must-revalidate
cf-ray
83978fc1a9114d3d-FRA
alt-svc
h3=":443"; ma=86400
49109C308C5988827.css
fonts.ucsaction.org/2019/752037/
Redirect Chain
  • https://cloud.typography.com/6045052/6787212/css/fonts.css
  • https://fonts.ucsaction.org/2019/752037/49109C308C5988827.css
318 KB
240 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.ucsaction.org/2019/752037/49109C308C5988827.css
Requested by
Host: support.ucsusa.org
URL: https://support.ucsusa.org/
Protocol
H2
Server
18.155.129.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-83.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62171f8b486fe776857edeced3a1c6cf5885dd24492c81483d416c43108181ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:04:28 GMT
content-encoding
gzip
via
1.1 c812f87630e842766e842cb048d8c94e.cloudfront.net (CloudFront)
last-modified
Wed, 16 Oct 2019 17:32:49 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
22824218
etag
W/"3cbf63d47b263541d9593492e1fa3814"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
7oGcrxYp55Eak3P9LCvEP5FEeGtNLRRM3bGLbvP4dMyAtoODE-Utew==

Redirect headers

Date
Fri, 22 Dec 2023 10:08:05 GMT
Last-Modified
Wed, 16 Oct 2019 17:34:13 GMT
Server
AkamaiNetStorage
X-HCo-pid
16
ETag
"07b3e87c350ab135a7f67a5b9d6a4a4b:1571247253"
Content-Type
text/html
Location
https://fonts.ucsaction.org/2019/752037/49109C308C5988827.css
Cache-Control
must-revalidate, private
Connection
keep-alive
Content-Length
154
Expires
Fri, 22 December 2023 10:08:05 GMT
hero-image.jpg
support.ucsusa.org/assets/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://support.ucsusa.org/assets/hero-image.jpg
Requested by
Host: support.ucsusa.org
URL: https://support.ucsusa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4562 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ce67b13043b32573a8eaacc6f314d9279895ec6541db2cff3064dc2ea34f0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HJ8FY5CDDRGTYA0D42XCT7RF
date
Fri, 22 Dec 2023 10:08:05 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
46926
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"ebc8eeb63d294e40baafb34d03b49097-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcGXiq74C4VSKcw%2B9img5eW5PpcWMmOWWZ25Eczr5mdP6TMq8RKA4ptvhtUEia8rFDL%2BSW5NiXXAmuBbFWYwafzmzDTb1yRTI1rFfzXfumeYtRbZ1RdUvHSJ8ITDfQN9zXtmfv2hOtfG1WVwW2NyKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400, must-revalidate
accept-ranges
bytes
cf-ray
83978fc1a9124d3d-FRA
charity-navigator-four-stars.svg
ucsusa.gitlab.io/everyaction-templates/assets/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ucsusa.gitlab.io/everyaction-templates/assets/charity-navigator-four-stars.svg
Requested by
Host: support.ucsusa.org
URL: https://support.ucsusa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7b8a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
af645040510601e06b1652eb2ef5bdfe6fd5686793bb602febcb035fe641ff83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:08:05 GMT
last-modified
Wed, 03 Mar 2021 20:43:53 GMT
etag
"bdf08a11f8911f97cbda5799bf3bc845bdcf6fd787b50361429c682ed52e3de0"
vary
Origin
content-type
image/svg+xml
cache-control
max-age=600
permissions-policy
interest-cohort=()
content-length
23087
expires
Fri, 22 Dec 2023 10:18:05 UTC
charity-watch-top-rated.svg
nvlupin.blob.core.windows.net/images/van/UCS/UCS/1/58097/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nvlupin.blob.core.windows.net/images/van/UCS/UCS/1/58097/images/charity-watch-top-rated.svg
Requested by
Host: support.ucsusa.org
URL: https://support.ucsusa.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ad416536782ba3d56f7b674cdfe6a4c3487056a49030d94a027e8b1c28c9b6c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 22 Dec 2023 10:08:05 GMT
Last-Modified
Wed, 25 Nov 2020 05:32:26 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D891037EB225D2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
ec40e167-101e-0066-2ebe-340871000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
6894
guidestar-platinum-seal-2021-rgb.svg
nvlupin.blob.core.windows.net/images/van/UCS/UCS/1/58097/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nvlupin.blob.core.windows.net/images/van/UCS/UCS/1/58097/images/guidestar-platinum-seal-2021-rgb.svg
Requested by
Host: support.ucsusa.org
URL: https://support.ucsusa.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
66dc56828c9bde0c622584257866c85ce93261bd225c8b22a30622dda4bb953d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 22 Dec 2023 10:08:05 GMT
Last-Modified
Thu, 16 Sep 2021 13:38:18 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D979173DF82AC4
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
af5d2f61-b01e-001d-1bbe-344aed000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
8004
bbb-accredited-charity-wide.svg
nvlupin.blob.core.windows.net/images/van/UCS/UCS/1/58097/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nvlupin.blob.core.windows.net/images/van/UCS/UCS/1/58097/images/bbb-accredited-charity-wide.svg
Requested by
Host: support.ucsusa.org
URL: https://support.ucsusa.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
288912d54f16367680c733786d262aba94ff553cc2f00671263264ccce5a0495

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 22 Dec 2023 10:08:05 GMT
Last-Modified
Wed, 25 Nov 2020 05:29:30 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D89103153F3261
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
fae459cd-a01e-0073-58be-341fc2000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
5638
rocket-loader.min.js
support.ucsusa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.ucsusa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: support.ucsusa.org
URL: https://support.ucsusa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4562 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:08:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OKt0e%2ByMeH532wfrEpXDSYGVx76OnD4SurSPcXGgQlqpHyolJAQGjKAW%2BqUhC61%2Fb%2FSY2JHB1UrdTg5rMRS7WWJxXiYtEAHgKB1i7M0yZPjAkmsIVm2J7TmqoqkvrRTwvdShPgVglJWZnJUUoXVGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
83978fc1a9164d3d-FRA
expires
Sun, 24 Dec 2023 10:08:05 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: support.ucsusa.org
URL: https://support.ucsusa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://support.ucsusa.org/
Origin
https://support.ucsusa.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:08:05 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
83978fc23ecc1907-FRA
script.min.js
support.ucsusa.org/ 		49 B
677 B 		Script
General
Check archive.org
Download Go to
Full URL
https://support.ucsusa.org/script.min.js
Requested by
Host: support.ucsusa.org
URL: https://support.ucsusa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4562 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97561745f50f1b965b8297ae7a30db3f02d2b23c6e8f63adc905326fecab614e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HJ8FY5WSSW1R2Q4J7NY3CSEX
date
Fri, 22 Dec 2023 10:08:06 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"3799eb7f65acaeb2c7f6085dc1e938ae-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3%2FqAsrhrPsFVVlPQ%2BjMut4hw0VafAygFOKa7qI9onHqfgXT0eGCI%2BzFWrLQ0ZV5MADNEFpbG7cq12Z1IHoTI%2FjzDvQVWXkwgYPpT4m62FL6hQkNGLIlf8nBXRemkmoXCa4%2FdZCIGtz7eM8JenSrEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400, must-revalidate
cf-ray
83978fc4eb961a49-FRA
alt-svc
h3=":443"; ma=86400
truncated
/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c72ff69c6c80c4c0f0b5e70d2356ff47b1b3d96ab42af22ee8636578be0ed8e9

Request headers

Referer
Origin
https://support.ucsusa.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b223fc846e70d07ead5069b4e1fe488403812f26aec619fc15970bea9c6b13d

Request headers

Referer
Origin
https://support.ucsusa.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b083cdcfc35dee4b9d71ce99bb3d8709f468bc7e58dd442c8dc7362b9b487f8

Request headers

Referer
Origin
https://support.ucsusa.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
760a6f48424470f6804b781e51b229a57669a9f815c479f95610aa5b6a3a45fc

Request headers

Referer
Origin
https://support.ucsusa.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4b70f15572a2a4100431537f0a91113eae6d1bed01f1867e29512a9e48a07e9

Request headers

Referer
Origin
https://support.ucsusa.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97303734c98db605724e0a61dd1d985d3b913b5b8a48448311e00efaba5378f1

Request headers

Referer
Origin
https://support.ucsusa.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
gtm.js
www.googletagmanager.com/ 		332 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NB5C4Q
Requested by
Host: support.ucsusa.org
URL: https://support.ucsusa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac80d61476ecfea5bbd423cce776f7b2f7514cb66e026ce179854e8f0450a884
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:08:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106663
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Dec 2023 10:08:06 GMT
js
www.googletagmanager.com/gtag/ 		278 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VB9DKE4V36&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB5C4Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2fbd106809966e82809e0afc87b02ca76a018ac71462dfffc566e87c181d556
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:08:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93564
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Dec 2023 10:08:06 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB5C4Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 09:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1189
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 22 Dec 2023 11:48:17 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071979118/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071979118/?random=1703239686215&cv=11&fst=1703239686215&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6541836&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsupport.ucsusa.org%2F&hn=www.googleadservices.com&frm=0&tiba=Fight%20for%20Science.%20Donate%20Now.&auid=2130394128.1703239686&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB5C4Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8aab460c2f0c9237b9ec7bc60a8393372083d130eb27db36081168f3bd309d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1253
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CPfO5aPmooMDFVQPogMdY5YNsA;src=8188095;type=site;cat=ucs-g0;ord=1619902738898;auiddc=2130394128.1703239686;u1=%2F;gtm=45He3bt0v6541836;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=...
8188095.fls.doubleclick.net/ Frame D32D
Redirect Chain
  • https://8188095.fls.doubleclick.net/activityi;src=8188095;type=site;cat=ucs-g0;ord=1619902738898;auiddc=2130394128.1703239686;u1=%2F;gtm=45He3bt0v6541836;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;ua...
  • https://8188095.fls.doubleclick.net/activityi;dc_pre=CPfO5aPmooMDFVQPogMdY5YNsA;src=8188095;type=site;cat=ucs-g0;ord=1619902738898;auiddc=2130394128.1703239686;u1=%2F;gtm=45He3bt0v6541836;gcd=11l1l...
499 B
634 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8188095.fls.doubleclick.net/activityi;dc_pre=CPfO5aPmooMDFVQPogMdY5YNsA;src=8188095;type=site;cat=ucs-g0;ord=1619902738898;auiddc=2130394128.1703239686;u1=%2F;gtm=45He3bt0v6541836;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsupport.ucsusa.org%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB5C4Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
96f2cdfa5afc504c09d904be1f8154a08eb1645963fce9fbb1d02b5c9a7c8f93
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://support.ucsusa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
296
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 10:08:06 GMT
expires
Fri, 22 Dec 2023 10:08:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 10:08:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8188095.fls.doubleclick.net/activityi;dc_pre=CPfO5aPmooMDFVQPogMdY5YNsA;src=8188095;type=site;cat=ucs-g0;ord=1619902738898;auiddc=2130394128.1703239686;u1=%2F;gtm=45He3bt0v6541836;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsupport.ucsusa.org%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: support.ucsusa.org
URL: https://support.ucsusa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 22 Dec 2023 10:08:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
RD07++SPlBqVEvICk0NSNHcdcygTrQJflOtr5evzKoFOzb1ZYc20d1oDcdqaNvX4SIX7N/4JtMO87K5ix6wtNg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tc.min.js
c1.rfihub.net/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: support.ucsusa.org
URL: https://support.ucsusa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:f800:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 09:51:09 GMT
content-encoding
gzip
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 09:50:59 GMT
server
Jetty(9.4.51.v20230217)
x-amz-cf-pop
FRA53-C1
age
1017
x-cache
Hit from cloudfront
content-type
application/x-javascript
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
public, max-age=3600
content-length
6162
x-amz-cf-id
iKg0HUgN0g6w_x5dAyentdUJKkIUrWwQkJeDvnevD986yp5CC9nKkw==
expires
Fri, 22 Dec 2023 10:51:09 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: support.ucsusa.org
URL: https://support.ucsusa.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:08:06 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 29 Dec 2023 10:08:06 GMT
ytc.js
s.yimg.com/wi/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: support.ucsusa.org
URL: https://support.ucsusa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

ats-carp-promotion
1
date
Fri, 22 Dec 2023 10:07:56 GMT
x-amz-version-id
xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
AKZW4NWMFYSBV4A2
age
11
x-amz-server-side-encryption
AES256
content-length
6262
x-amz-id-2
oUIaQza9rPcPF9wWXlL54/SPHqv2tI0H/Pjf5dn92UdFrFYwtUeBEPad+zkGUX3EXp/kuqPcmOjGcFekATjgqQ==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 26 Jun 2023 09:26:35 GMT
server
ATS
etag
"5c6ed25dce803fd84288922b8928409e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
adelphic_universal_pixel.js
js.ipredictive.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ipredictive.com/adelphic_universal_pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB5C4Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-57.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 09:13:09 GMT
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
last-modified
Fri, 30 Sep 2022 15:42:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
3298
etag
"83b469155694c51d4c5581028a6788bc"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2108
x-amz-cf-id
teKjKkrQMe2wEhPd9rustbO5OI0x8diQhB6Nlyp40sJAs3bdlp1WDQ==
rum
support.ucsusa.org/cdn-cgi/ 		0
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://support.ucsusa.org/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4562 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://support.ucsusa.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Fri, 22 Dec 2023 10:08:06 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://support.ucsusa.org
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
83978fc72e271a49-FRA
collect
region1.analytics.google.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VB9DKE4V36&gtm=45je3bt0v879307084z86541836&_p=1703239685946&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1519432994.1703239686&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1703239686&sct=1&seg=0&dl=https%3A%2F%2Fsupport.ucsusa.org%2F&dt=Fight%20for%20Science.%20Donate%20Now.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1430
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VB9DKE4V36&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://support.ucsusa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VB9DKE4V36&cid=1519432994.1703239686&gtm=45je3bt0v879307084z86541836&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VB9DKE4V36&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://support.ucsusa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VB9DKE4V36&cid=1519432994.1703239686&gtm=45je3bt0v879307084z86541836&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1519992979
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
ad.ipredictive.com/d/track/ Frame A1F9 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ipredictive.com/d/track/event?upid=108146&cache_buster=1703239686&url=https%3A%2F%2Fsupport.ucsusa.org%2F&val=undefined&tn=undefined&itms=undefined&p1=https%3A%2F%2Fsupport.ucsusa.org%2F&p2=undefined
Requested by
Host: js.ipredictive.com
URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.234.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-234-166.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://support.ucsusa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Fri, 22 Dec 2023 10:08:06 GMT
X-CI-RTID
bb659ef5-631b-4634-8f58-4e7161228424
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1938668667&t=pageview&_s=1&dl=https%3A%2F%2Fsupport.ucsusa.org%2F&ul=en-us&de=UTF-8&dt=Fight%20for%20Science.%20Donate%20Now.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=657522823&gjid=1403177230&cid=1519432994.1703239686&tid=UA-6648639-1&_gid=487564595.1703239686&_r=1&_slc=1&gtm=45He3bt0n71NB5C4Qv6541836&cd2=&cd3=&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1350549300
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://support.ucsusa.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://support.ucsusa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-8w7tSVuzV_3NU.js
rules.quantcount.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-8w7tSVuzV_3NU.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba28457aec8e96bda721a20af6fd36d57940c7607597f0caadd72e6c08615f88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 09:58:12 GMT
content-encoding
gzip
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
758
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 01 Nov 2019 20:00:46 GMT
server
AmazonS3
etag
W/"610bb3b00c066431338a8002bf88acfa"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
zKe1EBMPpNm1uGfcel1SQ09HQQ7VDaSLs4NRaYJdkRSIuWWIwX2Thg==
ca.html
20802620p.rfihub.com/ Frame 7EEB 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20802620p.rfihub.com/ca.html?ver=9&rb=35937&ca=20802620&_o=35937&_t=20802620&pe=https%3A%2F%2Fsupport.ucsusa.org%2F&pf=&ra=3097061380739372
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
2aba162ea8261f2a57606f0fb5f6ce47e233244c9e5299dedc23e0eacab18414

Request headers

Referer
https://support.ucsusa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
4916
Content-Type
text/html;charset=utf-8
Date
Fri, 22 Dec 2023 10:08:06 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
/
www.google.com/pagead/1p-user-list/1071979118/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1071979118/?random=1703239686215&cv=11&fst=1703239200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6541836&u_w=1600&u_h=1200&url=https%3A%2F%2Fsupport.ucsusa.org%2F&frm=0&tiba=Fight%20for%20Science.%20Donate%20Now.&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_9JG1hGy6__egv8emj8OTxUJMJr0fYQ&random=2282339178&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1071979118/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1071979118/?random=1703239686215&cv=11&fst=1703239200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6541836&u_w=1600&u_h=1200&url=https%3A%2F%2Fsupport.ucsusa.org%2F&frm=0&tiba=Fight%20for%20Science.%20Donate%20Now.&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_9JG1hGy6__egv8emj8OTxUJMJr0fYQ&random=2282339178&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
10095888.json
s.yimg.com/wi/config/ 		2 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10095888.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:08:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
GE8G7NQ507DTZR00
age
0
content-length
22
x-amz-id-2
J9UZddSBu93/jDgO44KKzFK84r1GNx0u30s7LYrg4iiaVvKnjKvYjjpxrM0PgVzozaRgVJJKnzU=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
collect
stats.g.doubleclick.net/j/ 		1 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6648639-1&cid=1519432994.1703239686&jid=657522823&gjid=1403177230&_gid=487564595.1703239686&_u=YADAAEAAAAAAACAAI~&z=302193101
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://support.ucsusa.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 22 Dec 2023 10:08:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://support.ucsusa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
625465517575530
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/625465517575530?v=2.9.138&r=stable&domain=support.ucsusa.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
342e958d498ad4c840091f1fbaecd983c598a7d5df5f8a781579c91fa01d74d7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 22 Dec 2023 10:08:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
/9nZPMm7cICVdER/mPl30BcgS+Ql8YCxWsej5iLgycp7WLF3aPJMMLlgykX1P6fvjEQ/fos6n6ooaeNUJ+CJjA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel;r=146348115;labels=_fp.event.Homepage;rf=0;a=p-8w7tSVuzV_3NU;url=https%3A%2F%2Fsupport.ucsusa.org%2F;uht=2;fpan=1;fpa=P0-16472457-1703239686364;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=146348115;labels=_fp.event.Homepage;rf=0;a=p-8w7tSVuzV_3NU;url=https%3A%2F%2Fsupport.ucsusa.org%2F;uht=2;fpan=1;fpa=P0-16472457-1703239686364;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=ucsusa.org;dst=1;et=1703239686497;tzo=-60;ogl=site_name.Union%20of%20Concerned%20Scientists%2Ctype.website%2Curl.https%3A%2F%2Fsupport%252Eucsusa%252Eorg%2Ctitle.Fight%20for%20Science%252E%20Donate%20Now%252E%2Cdescription.The%20Union%20of%20Concerned%20Scientists%20is%20a%20member-supported%20nonprofit%20that%E2%80%99s%20fightin%2Cimage.%2Fassets%2Fhero-image%252Ejpg%2Cimage%3Aalt.The%20Union%20of%20Concerned%20Scientists;ses=b8e8cb21-5360-453d-b087-a3d24278e5a2;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
dc_pre=CPfO5aPmooMDFVQPogMdY5YNsA;src=8188095;type=site;cat=ucs-g0;ord=1619902738898;auiddc=*;u1=%2F;gtm=45He3bt0v6541836;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...
adservice.google.com/ddm/fls/z/ Frame D32D 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPfO5aPmooMDFVQPogMdY5YNsA;src=8188095;type=site;cat=ucs-g0;ord=1619902738898;auiddc=*;u1=%2F;gtm=45He3bt0v6541836;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsupport.ucsusa.org%2F
Requested by
Host: 8188095.fls.doubleclick.net
URL: https://8188095.fls.doubleclick.net/activityi;dc_pre=CPfO5aPmooMDFVQPogMdY5YNsA;src=8188095;type=site;cat=ucs-g0;ord=1619902738898;auiddc=2130394128.1703239686;u1=%2F;gtm=45He3bt0v6541836;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsupport.ucsusa.org%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8188095.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=625465517575530&ev=PageView&dl=https%3A%2F%2Fsupport.ucsusa.org%2F&rl=&if=false&ts=1703239686551&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703239686551.1699730657&ler=empty&it=1703239686438&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Dec 2023 10:08:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
sp.pl
sp.analytics.yahoo.com/ 		43 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2022%20Dec%202023%2010%3A08%3A06%20GMT&n=-1&b=Fight%20for%20Science.%20Donate%20Now.&.yp=10095888&f=https%3A%2F%2Fsupport.ucsusa.org%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.ucsusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Fri, 22 Dec 2023 10:08:06 GMT
501709.gif
idsync.rlcdn.com/ Frame 7EEB
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831700038333&referrer=https%3A%2F%2Fsupport.ucsusa.org%2F&forward=
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%3A1703239686.8247058&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D9ce7ab44-1542-4331-a2ea-4fa7e25...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831700038333&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D9ce7ab44-1542-4331-a2...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%3A1703239686.8247058&_=1703239686.8257556
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%3A1703239686.8247058&_=1703239686.8257556
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20802620p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:08:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Fri, 22 Dec 2023 10:08:07 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C2
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%3A1703239686.8247058&_=1703239686.8257556
content-length
447
x-amz-cf-id
QYSObPsXlGskxo2j1dIug6LVKwhRP9oFEuUZTzozAUg_WpzS7_nI7Q==
501709.gif
idsync.rlcdn.com/ Frame 7EEB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwNzQzMzgzMTcwMDAzODMzMw==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEEu1AfTDyJOKPPMOV-pLmFo&google_cver=1
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831700038333&referrer={encSite}&forward=
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%3A1703239686.8247058&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D9ce7ab44-1542-4331-a2ea-4fa7e25...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831700038333&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D9ce7ab44-1542-4331-a2...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%3A1703239686.8247058&_=1703239687.2063985
0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%3A1703239686.8247058&_=1703239687.2063985
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20802620p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:08:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Fri, 22 Dec 2023 10:08:07 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C2
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%3A1703239686.8247058&_=1703239687.2063985
content-length
447
x-amz-cf-id
sHzVPGA9sLDviY-aAwwYrSSlzS-ZCErw85oe-XeJjLOn-kIPcwcfiA==
bounce
ib.adnxs.com/ Frame 7EEB
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=18&code=5107433831700038333
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5107433831700038333
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5107433831700038333
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20802620p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
an-x-request-uuid
512e29cb-2b4f-4e48-9ea6-8102be0e963a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.100; 80.255.7.100; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
an-x-request-uuid
d773b9b2-58a0-455b-9454-d92c16bbf614
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5107433831700038333
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.100; 80.255.7.100; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 7EEB
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5107433831700038333&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5107433831700038333&redir=
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5107433831700038333&redir=
Protocol
H2
Server
54.194.27.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-27-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20802620p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-074995c50.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
tmFFaimlScw=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-08e40c941.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
im9QFXFIT1Q=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5107433831700038333&redir=
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
Pug
image2.pubmatic.com/AdServer/ Frame 7EEB 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5107433831700038333&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20802620p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 22 Dec 2023 10:08:05 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sd
us-u.openx.net/w/1.0/ Frame 7EEB 		43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5107433831700038333&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20802620p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
match
ps.eyeota.net/ Frame 7EEB
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=5107433831700038333&bid=omt9pi0
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=5107433831700038333&bid=omt9pi0
Protocol
HTTP/1.1
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20802620p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 22 Dec 2023 10:08:06 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=5107433831700038333&bid=omt9pi0
Date
Fri, 22 Dec 2023 10:08:06 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cksync.php
contextual.media.net/ Frame 7EEB 		57 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5107433831700038333
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20802620p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 22 Dec 2023 10:08:06 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Fri, 22 Dec 2023 10:08:06 GMT
/
bpi.rtactivate.com/tag/ Frame 7EEB 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=5107433831700038333
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.216.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-216-192.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20802620p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:08:07 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 7EEB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433831700038333&forward=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433831700038333&forward=&C=1
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433831700038333&forward=&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20802620p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Coi3Eu%2BtjHIefp9u2BxrmozcQVKhUOOB0glWtSKyyzDmPM2Mrh%2BHQdvOxGvvzpCzHlcbWApNPp4WrN%2Fj1fZMAySg%2Bu5%2FiZQlWWA5StqTulzLUP7QLLd8Djk2NFKzQrFjE%2F3lbtl4pSLBQA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83978fca8e044534-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OMFnAliefnVafmmP1WI885gjeZ4vXzx5ZZGTOgpN16rIkzj4cgdPC87UU7b8LZn%2BQUqUCT5NrQbmdaDbqQymEuklNW1XlO9RAsjDw%2FpJ5bTM5jMUONzf16wTOToso%2BWtQcpO7nCJTugdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=57&external_user_id=5107433831700038333&forward=&C=1
cache-control
no-cache
cf-ray
83978fca0cf74534-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
360947.gif
idsync.rlcdn.com/ Frame 7EEB 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=5107433831700038333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20802620p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:08:06 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rocketfuel_sync
x.dlx.addthis.com/e/ Frame 7EEB 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5107433831700038333
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20802620p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 22 Dec 2023 10:08:07 GMT
pragma
no-cache
date
Fri, 22 Dec 2023 10:08:07 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif
sync
partners.tremorhub.com/ Frame 7EEB 		43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=5107433831700038333&r=QhM2beaxdXQZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:a102:620e:4cbd:9b41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20802620p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Fri, 22 Dec 2023 10:08:07 GMT
server
nginx
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame 7EEB 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5107433831700038333
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.113.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-113-187.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20802620p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 10:08:06 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame 7EEB 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5107433831700038333
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.91.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20802620p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
beacon-n005-dub-prod.krxd.net
date
Fri, 22 Dec 2023 10:08:07 GMT
cache-control
private, no-cache, no-store
x-request-time
D=46 t=1703239687
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ Frame 7EEB 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433831700038333&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.67.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-67-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20802620p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:08:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cm
p.rfihub.com/ Frame 7EEB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZYVgBwAIyq5q0QBd
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=ZYVgBwAIyq5q0QBd&_test=ZYVgBwAIyq5q0QBd
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZYVgBwAIyq5q0QBd&_test=ZYVgBwAIyq5q0QBd
Protocol
HTTP/1.1
Server
193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20802620p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 22 Dec 2023 10:08:07 GMT
Cache-Control
no-cache
Server
Jetty(9.4.51.v20230217)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-fra-etou8220110-FRA
pragma
no-cache
date
Fri, 22 Dec 2023 10:08:07 GMT
via
1.1 varnish
server
Varnish
x-timer
S1703239687.192555,VS0,VE0
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZYVgBwAIyq5q0QBd&_test=ZYVgBwAIyq5q0QBd
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pstats.html
a.rfihub.com/ Frame 2B81 		26 B
968 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.rfihub.com/pstats.html?rb=35937&ca=20802620&ri=b966ad455015e180a2ec35e4363d0370&stats=%7B%2213488%22%3A%221112%2C2%22%2C%2217243%22%3A%22191%2C1%22%2C%2242261%22%3A%22151%2C1%22%2C%2250495%22%3A%22679%2C1%22%2C%2252220%22%3A%22218%2C1%22%2C%2253935%22%3A%22270%2C1%22%2C%2254497%22%3A%22371%2C1%22%2C%2254855%22%3A%22227%2C2%22%2C%2254863%22%3A%22647%2C1%22%2C%2255073%22%3A%22306%2C2%22%2C%2256659%22%3A%22399%2C1%22%2C%2256885%22%3A%22353%2C2%22%2C%2257347%22%3A%22425%2C2%22%2C%2257363%22%3A%22694%2C1%22%2C%2258143%22%3A%22197%2C1%22%2C%2258553%22%3A%22646%2C2%22%2C%2258561%22%3A%22435%2C1%22%7D&ra=11777298593690477
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Referer
https://support.ucsusa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
26
Content-Type
text/html;charset=iso-8859-1
Date
Fri, 22 Dec 2023 10:08:07 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| __cfQR object| __cfBeacon object| html object| dataLayer object| dataPrograms object| dataCampaigns object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| fbq function| _fbq function| _rfi object| _qevents object| dotq boolean| __cfRLUnblockHandlers function| onYouTubeIframeAPIReady object| gaGlobal function| AdelphicUniversalPixel object| gaplugins object| gaData function| quantserve function| __qc object| ezt object| _qoptions function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP object| YAHOO

29 Cookies

Domain/Path Name / Value
.ucsusa.org/ Name: _gcl_au
Value: 1.1.2130394128.1703239686
.ucsusa.org/ Name: _ga_VB9DKE4V36
Value: GS1.1.1703239686.1.0.1703239686.60.0.0
.ucsusa.org/ Name: _ga
Value: GA1.2.1519432994.1703239686
.ucsusa.org/ Name: _gid
Value: GA1.2.487564595.1703239686
.ucsusa.org/ Name: _gat
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmNsvAtX3HJxTT-fLsRKAyy8vaE-Ncbv5A366z_d3I00Cu_HqGGnEbGh1v6emg
.ucsusa.org/ Name: _fbp
Value: fb.1.1703239686551.1699730657
.quantserve.com/ Name: mc
Value: 65856006-82673-8e398-49c4d
.ucsusa.org/ Name: __qca
Value: P0-16472457-1703239686364
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjQ3MDAA0sbGQnyGuiFZAQURefGWOfGGkQCO1rdxJQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjQ3MDAA0sbGQnyGuiFZAQURefGWOfGGkQCO1rdxJQAAAA
.adnxs.com/ Name: uuid2
Value: 8054782093550435798
.casalemedia.com/ Name: CMID
Value: ZYVgBp9yZuBlS0te9y4QAgAA
.casalemedia.com/ Name: CMPS
Value: 3353
.casalemedia.com/ Name: CMPRO
Value: 3353
.yahoo.com/ Name: A3
Value: d=AQABBAZghWUCEDEHPf4EdCDWlRuD3ECusRIFEgEBAQGxhmWPZeAJyiMA_eMAAA&S=AQAAAl50qxkK8H_roR_uxiejDj8
.adnxs.com/ Name: anj
Value: dTM7k!M4/YErk#WF']wIg2HbZ^pjUg!1yIE`Wq3dShskA5Hr@J5di8!3O*fL3NIPXeq<)x$L#^7TD._*PlZ[C[-kX-!w@JC
.media.net/ Name: visitor-id
Value: 3462412869085265000V10
.media.net/ Name: data-rk
Value: 5107433831700038333~~3
.ipredictive.com/ Name: cu
Value: 53d04526-9573-4709-9f02-f8a8fa923786|1703239686789
.demdex.net/ Name: demdex
Value: 53942509964951745743098184213697352428
.dpm.demdex.net/ Name: dpm
Value: 53942509964951745743098184213697352428
.rezync.com/ Name: zync-uuid
Value: 9ce7ab44-1542-4331-a2ea-4fa7e251ccb9:1703239686.8247058
.eyeota.net/ Name: SERVERID
Value: 23057~DM
.krxd.net/ Name: _kuid_
Value: P_WTLH3R
live.rezync.com/ Name: sd-session-id
Value: .eJwNi0kOwyAMAP_ic6gAm7B8JnKoK6E2tIrTS6P8vZxGI82csHxk37hLP6Ac-1cmqK82TKGcoO23yRMKBGcjISZ00Vo7iAjXBCqq7d2Xdh9NrhJ5JTIukDejdoa9sKEHR_HB1brmMn70mOc035KnaEOC6w-tBiWz.ZYVgBw.36wp6CWuPTOwSrgBjaVBvez-LoU
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZYVgBwAIyq5q0QBd
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA12dS01dEwLcan08vcOCPD1D9Mt8Ml1y29iMbdMTjVPTDIx0TU0NTHSNTE2NtRNNEpN1DVJSzRPNTI1TE5OsrQyNDcwNjK2NLMw07MwMjE3MLUAAORoORpYAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13Rqw7CUAwG4EC4hQU1yyscsnNbd3ALDMElECD4bdkcAYPA8ghIJBI5OTmJnEQieQQUkrXyy9_8bdJun4_8YBMEJ-6n2_F5upytVovljh3n-8lh3ePgSCGN67lG81utYtcxGXFO_CT-EH-Jr3XsO_GDOCPO6XwD-0WcNbHLigHA-xA_WtgFcUn8In7TvI196WDnFr6vsHB-tcHECYSRUoxrJZiSkrNQJCFTaQiJ0DyOIzP8lww8ocDR3s2uNEnt3rHhbZPP2XjzDxCjlfE3AgAA

3 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5107433831700038333
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%3A1703239686.8247058&_=1703239686.8257556
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=9ce7ab44-1542-4331-a2ea-4fa7e251ccb9%3A1703239686.8247058&_=1703239687.2063985
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20802620p.rfihub.com
8188095.fls.doubleclick.net
a.rfihub.com
aa.agkn.com
ad.ipredictive.com
adservice.google.com
beacon.krxd.net
bpi.rtactivate.com
c1.rfihub.net
cloud.typography.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.ucsaction.org
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
js.ipredictive.com
live.rezync.com
nvlupin.blob.core.windows.net
p.rfihub.com
partners.tremorhub.com
pixel.quantserve.com
ps.eyeota.net
region1.analytics.google.com
rules.quantcount.com
s.yimg.com
secure.quantserve.com
sp.analytics.yahoo.com
static.cloudflareinsights.com
stats.g.doubleclick.net
support.ucsusa.org
sync-tm.everesttech.net
ucsusa.gitlab.io
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
104.18.36.155
13.32.27.83
142.250.186.162
142.250.186.70
151.101.66.49
18.155.129.83
18.203.91.219
18.66.112.57
193.0.160.131
198.47.127.205
2.23.197.190
20.60.58.97
2001:4860:4802:34::36
212.82.100.181
23.56.201.9
2600:1901:0:7b8a::
2600:1f18:612b:4232:a102:620e:4cbd:9b41
2600:9000:214f:f800:1:76cf:fe80:93a1
2600:9000:223c:e00:6:44e3:f8c0:93a1
2606:4700:20::ac43:4562
2606:4700::6810:3965
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1288:80:807::2
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.122.214.165
34.197.216.192
35.244.159.8
35.244.174.68
37.252.171.53
52.45.234.166
52.57.113.187
52.59.67.89
54.194.27.175
95.101.148.20
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1b223fc846e70d07ead5069b4e1fe488403812f26aec619fc15970bea9c6b13d
288912d54f16367680c733786d262aba94ff553cc2f00671263264ccce5a0495
2aba162ea8261f2a57606f0fb5f6ce47e233244c9e5299dedc23e0eacab18414
342e958d498ad4c840091f1fbaecd983c598a7d5df5f8a781579c91fa01d74d7
36ce67b13043b32573a8eaacc6f314d9279895ec6541db2cff3064dc2ea34f0f
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
62171f8b486fe776857edeced3a1c6cf5885dd24492c81483d416c43108181ef
66dc56828c9bde0c622584257866c85ce93261bd225c8b22a30622dda4bb953d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
760a6f48424470f6804b781e51b229a57669a9f815c479f95610aa5b6a3a45fc
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
96f2cdfa5afc504c09d904be1f8154a08eb1645963fce9fbb1d02b5c9a7c8f93
97303734c98db605724e0a61dd1d985d3b913b5b8a48448311e00efaba5378f1
97561745f50f1b965b8297ae7a30db3f02d2b23c6e8f63adc905326fecab614e
9854ce3a511b5c2d977e5180228b6974cf0c45d4f38647773d5d31590dc75c79
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b083cdcfc35dee4b9d71ce99bb3d8709f468bc7e58dd442c8dc7362b9b487f8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2fbd106809966e82809e0afc87b02ca76a018ac71462dfffc566e87c181d556
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce
ac80d61476ecfea5bbd423cce776f7b2f7514cb66e026ce179854e8f0450a884
ad416536782ba3d56f7b674cdfe6a4c3487056a49030d94a027e8b1c28c9b6c1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af645040510601e06b1652eb2ef5bdfe6fd5686793bb602febcb035fe641ff83
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba28457aec8e96bda721a20af6fd36d57940c7607597f0caadd72e6c08615f88
c72ff69c6c80c4c0f0b5e70d2356ff47b1b3d96ab42af22ee8636578be0ed8e9
c8aab460c2f0c9237b9ec7bc60a8393372083d130eb27db36081168f3bd309d3
cc6ad0aa3dac4cf14814fb2dd90816f264cfd4ca407fde9a3ed62d5f9686213a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d4b70f15572a2a4100431537f0a91113eae6d1bed01f1867e29512a9e48a07e9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623