payitforwardcharleston.org Open in urlscan Pro
45.79.194.69 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://payitforwardcharleston.com/
Effective URL:
https://payitforwardcharleston.org/
Submission: On April 04 via api (April 4th 2020, 12:02:48 pm UTC) from DE

Summary HTTP 42 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 19 domains to perform 42 HTTP transactions. The main IP is 45.79.194.69, located in Atlanta, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is payitforwardcharleston.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 30th 2020. Valid for: 3 months.

This is the only time payitforwardcharleston.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::681b:ab7e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	45.79.194.69 45.79.194.69	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	23.37.59.76 23.37.59.76	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
4	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
3	23.37.33.211 23.37.33.211	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
6	151.101.12.176 151.101.12.176	54113 (FASTLY) (FASTLY)
1	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
2	3.220.9.69 3.220.9.69	14618 (AMAZON-AES) (AMAZON-AES)
2	35.186.220.184 35.186.220.184	15169 (GOOGLE) (GOOGLE)
1	72.246.168.118 72.246.168.118	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
1	23.45.98.207 23.45.98.207	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	94.31.29.32 94.31.29.32	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2600:9000:21f... 2600:9000:21f3:3000:18:1fcd:349:ca21	16509 (AMAZON-02) (AMAZON-02)
1	18.211.103.48 18.211.103.48	14618 (AMAZON-AES) (AMAZON-AES)
1	158.69.52.117 158.69.52.117	16276 (OVH) (OVH)
42	18

1 2606:4700:3034::681b:ab7e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

payitforwardcharleston.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 45.79.194.69 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1293-69.members.linode.com

payitforwardcharleston.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
butcherandbee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.59.76 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-59-76.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.donately.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.33.211 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-33-211.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.12.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.220.9.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-9-69.compute-1.amazonaws.com

b.donately.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.220.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com

collector-px963uiwkr.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.168.118 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-168-118.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.98.207 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-98-207.deploy.static.akamaitechnologies.com

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.32 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:3000:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.103.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-103-48.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.52.117 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: prd-usage-3.tjsint.net

usage.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	payitforwardcharleston.org payitforwardcharleston.org	676 KB
6	stripe.com js.stripe.com	41 KB
6	donately.com cdn.donately.com b.donately.com	395 KB
5	google-analytics.com www.google-analytics.com	19 KB
3	typekit.net use.typekit.net p.typekit.net	29 KB
2	trackjs.com cdn.trackjs.com usage.trackjs.com	9 KB
2	paypal.com www.paypal.com t.paypal.com	7 KB
2	px-cloud.net collector-px963uiwkr.px-cloud.net	1 KB
1	chartbeat.net ping.chartbeat.net	168 B
1	chartbeat.com static.chartbeat.com	14 KB
1	google.de www.google.de	499 B
1	google.com 1 redirects www.google.com	579 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	475 B
1	paypalobjects.com www.paypalobjects.com	232 KB
1	googletagmanager.com www.googletagmanager.com	21 KB
1	googleapis.com ajax.googleapis.com	29 KB
1	butcherandbee.com butcherandbee.com	412 KB
1	typography.com 1 redirects cloud.typography.com	438 B
1	payitforwardcharleston.com 1 redirects payitforwardcharleston.com	311 B
42	19

	Domain	Requested by
8	payitforwardcharleston.org	payitforwardcharleston.org cdn.donately.com
6	js.stripe.com	cdn.donately.com js.stripe.com
5	www.google-analytics.com	cdn.donately.com www.google-analytics.com payitforwardcharleston.org
4	cdn.donately.com	payitforwardcharleston.org cdn.donately.com
2	collector-px963uiwkr.px-cloud.net	cdn.donately.com
2	b.donately.com	cdn.donately.com payitforwardcharleston.org
2	use.typekit.net	payitforwardcharleston.org use.typekit.net
1	usage.trackjs.com
1	ping.chartbeat.net
1	static.chartbeat.com	payitforwardcharleston.org
1	cdn.trackjs.com	cdn.donately.com
1	t.paypal.com	payitforwardcharleston.org
1	www.google.de	payitforwardcharleston.org
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.paypal.com	www.paypalobjects.com
1	p.typekit.net	payitforwardcharleston.org
1	www.paypalobjects.com	cdn.donately.com
1	www.googletagmanager.com	payitforwardcharleston.org
1	ajax.googleapis.com	payitforwardcharleston.org
1	butcherandbee.com	payitforwardcharleston.org
1	cloud.typography.com	1 redirects
1	payitforwardcharleston.com	1 redirects
42	23

This site contains links to these domains. Also see Links.

Domain
donately.com

Subject Issuer	Validity	Valid
butcherandbee.com Let's Encrypt Authority X3	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
donately.com DigiCert SHA2 Extended Validation Server CA	`2019-12-11` - `2022-01-24`	2 years	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2020-02-12` - `2020-06-03`	4 months	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2019-12-09` - `2021-12-13`	2 years	crt.sh
b.donately.com Let's Encrypt Authority X3	`2020-03-13` - `2020-06-11`	3 months	crt.sh
*.px-cloud.net Let's Encrypt Authority X3	`2020-03-08` - `2020-06-06`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
*.trackjs.com RapidSSL RSA CA 2018	`2019-06-11` - `2021-09-09`	2 years	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2019-04-10` - `2020-04-10`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://payitforwardcharleston.org/
Frame ID: AFF1A3C99DFE1764DD1D117FF40ECCFA
Requests: 57 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-468bd62002596e10e873d190027981dd.html
Frame ID: 3A616BE3A34B2529FBE234A721857036
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-51e0a63f433555284925f9663bcb948d.html
Frame ID: 9F0E41BCF3442ED085F33F57E0B93898
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-51e0a63f433555284925f9663bcb948d.html
Frame ID: BB5E7BF62785C49469CD91B28B315DAD
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-51e0a63f433555284925f9663bcb948d.html
Frame ID: 8E81BC06C08A2FACA92A7C8D7BEF7FAB
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
Frame ID: C3FC000A6D40751DB7AD179A368A5F06
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://payitforwardcharleston.com/ HTTP 301
https://payitforwardcharleston.org/ Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

script /js\.stripe\.com/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /tracker\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

42
Requests

98 %
HTTPS

38 %
IPv6

19
Domains

23
Subdomains

18
IPs

6
Countries

2081 kB
Transfer

3803 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://donately.com/?utm_source=formjs

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://payitforwardcharleston.com/ HTTP 301
https://payitforwardcharleston.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cloud.typography.com/6911292/724508/css/fonts.css HTTP 302
https://butcherandbee.com/473068/5E4BD6BF989A29A9E.css

Request Chain 49

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-25909623-2&cid=786272327.1586001751&jid=1128394307&gjid=1850722905&_gid=1361158573.1586001751&_u=aGBAgEIR~&z=1314848966 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25909623-2&cid=786272327.1586001751&jid=1128394307&_v=j81&z=1314848966 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25909623-2&cid=786272327.1586001751&jid=1128394307&_v=j81&z=1314848966&slf_rd=1&random=757631002

42 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
payitforwardcharleston.org/
Redirect Chain

http://payitforwardcharleston.com/
https://payitforwardcharleston.org/

8 KB
3 KB

962ms
590ms

Document
text/html

45.79.194.69
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://payitforwardcharleston.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.194.69 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1293-69.members.linode.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30 / PHP/7.1.30
Resource Hash: c0d7fd36d18c095ae71947a3a4c5586fa74aa79605e2d0c8236ddef41f157edf

Request headers

Host: payitforwardcharleston.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 04 Apr 2020 12:02:24 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30
X-Powered-By: PHP/7.1.30
Cache-Control: max-age=0, no-cache
X-Mod-Pagespeed: 1.13.35.2-0
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3076
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sat, 04 Apr 2020 12:02:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 04 Apr 2020 13:02:23 GMT
Location: https://payitforwardcharleston.org
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 57eae1520e601f55-FRA

GET
H/1.1

200
OK

5E4BD6BF989A29A9E.css
butcherandbee.com/473068/
Redirect Chain

https://cloud.typography.com/6911292/724508/css/fonts.css
https://butcherandbee.com/473068/5E4BD6BF989A29A9E.css

411 KB
412 KB

499ms
144ms

Stylesheet
text/css

45.79.194.69
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://butcherandbee.com/473068/5E4BD6BF989A29A9E.css
Requested by: Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.194.69 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1293-69.members.linode.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30 /
Resource Hash: 08bf559abebbe911be589ee6c402874d7bfe458e041d5ccc1feb7c7d9d42b7a0

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 04 Apr 2020 12:02:29 GMT
Last-Modified: Fri, 03 Apr 2020 23:03:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30
ETag: "66d23-5a26aeb737a00"
Content-Type: text/css
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 421155

Redirect headers

Date: Sat, 04 Apr 2020 12:02:26 GMT
Last-Modified: Mon, 27 Jun 2016 14:23:26 GMT
Server: AkamaiNetStorage
ETag: "88063c04d8bf44ca3519f2da0a62c279:1467037406"
Vary: Accept-Encoding
Content-Type: text/html
Location: https://butcherandbee.com/473068/5E4BD6BF989A29A9E.css
Cache-Control: must-revalidate, private
Connection: keep-alive
Content-Length: 154
Expires: Sat, 04 April 2020 12:02:25 GMT

GET
H/1.1 200
OK payitforwardcharleston-575dd03a3c.org.css
payitforwardcharleston.org/build/css/ 99 KB
17 KB 117ms
116ms Stylesheet
text/css 45.79.194.69
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://payitforwardcharleston.org/build/css/payitforwardcharleston-575dd03a3c.org.css

Requested by

Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.79.194.69 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1293-69.members.linode.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30 /

Resource Hash

fc482df6b89fc698e0ab73e13cb597c5bef0561770d7ce9e83af204fd2b4653e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sat, 04 Apr 2020 12:02:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 104931
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30
Etag: W/"PSA-aj-z7VB7QwtpA"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=139
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 17194
Expires: Sat, 04 Apr 2020 12:04:44 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
29 KB 59ms
6ms Script
text/javascript 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 01 Apr 2020 13:51:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252629
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 29725
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Apr 2021 13:51:55 GMT

GET
H/1.1 200
OK payitforwardcharleston-a4508c3061.org.js.pagespeed.ce.pFCMMGH5x7.js Show response
payitforwardcharleston.org/build/js/ 3 KB
2 KB 338ms
118ms Script
application/javascript 45.79.194.69
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://payitforwardcharleston.org/build/js/payitforwardcharleston-a4508c3061.org.js.pagespeed.ce.pFCMMGH5x7.js
Requested by: Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.194.69 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1293-69.members.linode.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30 /
Resource Hash: 9b15dec93e0f56c6719e1f6a3c1c4bedc8beed5c5f32b75fdfc8a72b67166d9e

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 04 Apr 2020 12:02:24 GMT
Content-Encoding: gzip
X-Original-Content-Length: 3354
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30
Etag: W/"0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Last-Modified: Fri, 03 Apr 2020 23:03:04 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1410
Expires: Sun, 04 Apr 2021 12:02:24 GMT

GET
H/1.1 200
OK xheader-bg.jpg.pagespeed.ic.zlvMxX2rtr.webp
payitforwardcharleston.org/img/_sites/payitforwardcharleston.org/ 377 KB
377 KB 130ms
129ms Image
image/jpeg 45.79.194.69
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payitforwardcharleston.org/img/_sites/payitforwardcharleston.org/xheader-bg.jpg.pagespeed.ic.zlvMxX2rtr.webp

Requested by

Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.79.194.69 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1293-69.members.linode.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30 /

Resource Hash

8ef9966c173298260eb4b0fd9c0d63432af6c5daf85bf3a08a3e8aceecbc6cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 12:02:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Apr 2020 23:03:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30
Content-Type: image/jpeg
Cache-Control: max-age=300,private
Connection: Keep-Alive
Accept-Ranges: bytes
Link: <https://payitforwardcharleston.org/img/_sites/payitforwardcharleston.org/header-bg.jpg>; rel="canonical"
Content-Length: 385676
Keep-Alive: timeout=5, max=97
Expires: Sat, 04 Apr 2020 12:04:44 GMT

GET
H2 200 core.min.js Show response
cdn.donately.com/dntly-core/current/ 327 KB
328 KB 106ms
27ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.donately.com/dntly-core/current/core.min.js

Requested by

Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f7cbd57f73eff3962b14ffff9099d3e61697c585d466cf7e176b939eee25e10a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data:; base-uri 'self'; child-src *; manifest-src 'self'; object-src 'self'; upgrade-insecure-requests; report-uri https://donately.report-uri.io/r/default/csp/enforce
Strict-Transport-Security	max-age=31557600; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 04 Apr 2020 12:02:24 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 1934
x-cache: HIT
status: 200
content-length: 335280
x-amz-id-2: EbrjsrRk2N37bIWJEGbrgiN+JR/tp0HU62PeMhOKI7tEBp2tPGbOBwPiWPMWeQaKb5PQApIl4rI=
x-served-by: cache-fra19144-FRA
referrer-policy: origin-when-cross-origin
last-modified: Tue, 03 Mar 2020 13:30:50 GMT
server: AmazonS3
x-timer: S1586001745.848991,VS0,VE4
etag: "afdb1738f55c3f845f6116b28f5df617"
expect-ct: max-age=86400; report-uri='https://donately.report-uri.io/r/default/ct/reportOnly'
strict-transport-security: max-age=31557600; includeSubdomains
x-download-options: noopen
x-amz-request-id: E502AC13C28BFFF9
x-xss-protection: 1; mode=block
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data:; base-uri 'self'; child-src *; manifest-src 'self'; object-src 'self'; upgrade-insecure-requests; report-uri https://donately.report-uri.io/r/default/csp/enforce
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 uwq8onr.js Show response
use.typekit.net/ 18 KB
7 KB 211ms
170ms Script
text/javascript 23.37.33.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/uwq8onr.js

Requested by

Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-33-211.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

649debf204892404af4a62f2419cd19aa18be6af751d54554ec65649fb14aad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
access-control-allow-origin: *
date: Sat, 04 Apr 2020 12:02:25 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
status: 200
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 7385

GET
H/1.1 200
OK global.svg
payitforwardcharleston.org/img/svg/sprites/ 164 KB
165 KB 117ms
116ms Other
image/svg+xml 45.79.194.69
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://payitforwardcharleston.org/img/svg/sprites/global.svg
Requested by: Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.194.69 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1293-69.members.linode.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30 /
Resource Hash: c470672a554e354be152d02bc24671c78b2b079133948d102bed182474c98d12

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 12:02:30 GMT
Last-Modified: Fri, 03 Apr 2020 23:03:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30
ETag: "290a4-5a26aeb737a00"
Content-Type: image/svg+xml
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 168100

GET
H/1.1 200
OK payitforwardcharleston.org.svg
payitforwardcharleston.org/img/svg/sprites/ 8 KB
9 KB 361ms
115ms Other
image/svg+xml 45.79.194.69
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://payitforwardcharleston.org/img/svg/sprites/payitforwardcharleston.org.svg
Requested by: Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.194.69 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1293-69.members.linode.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30 /
Resource Hash: 60874857d95e981a90b4a68fd007f598957b0040f6e055d878f2b5bc089e81bf

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 12:02:30 GMT
Last-Modified: Fri, 03 Apr 2020 23:03:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30
ETag: "216a-5a26aeb737a00"
Content-Type: image/svg+xml
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8554

GET
H/1.1 200
OK bag-background.png
payitforwardcharleston.org/img/_sites/payitforwardcharleston.org/ 99 KB
100 KB 401ms
112ms Image
image/png 45.79.194.69
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payitforwardcharleston.org/img/_sites/payitforwardcharleston.org/bag-background.png

Requested by

Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.79.194.69 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1293-69.members.linode.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30 /

Resource Hash

6fc3670a2d619ebdc3a00eea1c3f2404fa26544107d60d715e23a028aa18570e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 12:02:30 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Apr 2020 23:03:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30
ETag: "18c75-5a26aeb737a00"
Content-Type: image/png
Cache-Control: max-age=300, s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 101493
Expires: Sat, 04 Apr 2020 12:04:44 GMT

GET
DATA 200
OK truncated
/ 12 KB
12 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3b111e748d6b56cdb4279cb4d68251fb76a2dc80c9e81df610e1a1c06edbfd2

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef4d1263cc08e0b07fc51d3117e34d9093cff940a5d53ce1fa62448ae044ddf7

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 12 KB
12 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfb536e4d89e7a5511cf60289fca629be4a47b7b981ac7e3bba416c8c8891959

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 13 KB
13 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82496b3182b344ca7042d444465e437275288b4f8929718c26864b0783252df1

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 16 KB
16 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4f06502d8e78106bbe8d1142d372c5da2c5fa6146a5ede7ff04fbad948ec2f1

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 615253b6a84637459ecfd28cab8b08b7d262eda7acbbefd01cfa4853896fbc7b

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 16 KB
16 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a56bd01e6db7dfd22bc594109a233ef3b71e330606ae9a32eaf847c0f8de5ca

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 56 KB
21 KB 34ms
21ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N7JHTPG

Requested by

Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e08908e893c637e8ac2aab7ff7900ab96c53fe7d27ca2b5c0fb6cfd8357bd741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 04 Apr 2020 12:02:30 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: *
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 21309
x-xss-protection: 0
expires: Sat, 04 Apr 2020 12:02:30 GMT

GET
H2 200 l
use.typekit.net/af/2d1d2c/00000000000000003b9b12d8/27/ 21 KB
22 KB 145ms
93ms Font
application/font-woff2 23.37.33.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2d1d2c/00000000000000003b9b12d8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uwq8onr.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-33-211.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c2ac46889fdadffff6f3423d9795160b61db6c772d7f30720be75ede71bc2bfb

Request headers

Referer: https://payitforwardcharleston.org/
Origin: https://payitforwardcharleston.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Apr 2020 12:02:30 GMT
server: nginx
access-control-allow-origin: *
etag: "8fd32c23bfa7e316548eb69c4fc24f86da92c889"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 21804

GET
H2 200 init.js Show response
cdn.donately.com/963UiWkR/ 87 KB
32 KB 244ms
244ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.donately.com/963UiWkR/init.js?_=1586001750548

Requested by

Host: cdn.donately.com
URL: https://cdn.donately.com/dntly-core/current/core.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b97ca12e35bb0916e923137b16c31422cb64c242f549cb20570eb08cf1777eb2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data:; base-uri 'self'; child-src *; manifest-src 'self'; object-src 'self'; upgrade-insecure-requests; report-uri https://donately.report-uri.io/r/default/csp/enforce
Strict-Transport-Security	max-age=31557600; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 04 Apr 2020 12:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
via: 1.1 varnish, 1.1 varnish
x-cache: HIT
status: 200
strict-transport-security: max-age=31557600; includeSubdomains
content-length: 32805
x-xss-protection: 1; mode=block
x-served-by: cache-fra19144-FRA
referrer-policy: origin-when-cross-origin
etag: W/"15cf7-XDxlDT09c1ZOpzMQu+rrjidmKYM"
expect-ct: max-age=86400; report-uri='https://donately.report-uri.io/r/default/ct/reportOnly'
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data:; base-uri 'self'; child-src *; manifest-src 'self'; object-src 'self'; upgrade-insecure-requests; report-uri https://donately.report-uri.io/r/default/csp/enforce
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 init.js Show response
cdn.donately.com/963UiWkR/ 87 KB
32 KB 241ms
241ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.donately.com/963UiWkR/init.js?_=1586001750549

Requested by

Host: cdn.donately.com
URL: https://cdn.donately.com/dntly-core/current/core.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b97ca12e35bb0916e923137b16c31422cb64c242f549cb20570eb08cf1777eb2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data:; base-uri 'self'; child-src *; manifest-src 'self'; object-src 'self'; upgrade-insecure-requests; report-uri https://donately.report-uri.io/r/default/csp/enforce
Strict-Transport-Security	max-age=31557600; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 04 Apr 2020 12:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
via: 1.1 varnish, 1.1 varnish
x-cache: HIT
status: 200
strict-transport-security: max-age=31557600; includeSubdomains
content-length: 32805
x-xss-protection: 1; mode=block
x-served-by: cache-fra19144-FRA
referrer-policy: origin-when-cross-origin
etag: W/"15cf7-XDxlDT09c1ZOpzMQu+rrjidmKYM"
expect-ct: max-age=86400; report-uri='https://donately.report-uri.io/r/default/ct/reportOnly'
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data:; base-uri 'self'; child-src *; manifest-src 'self'; object-src 'self'; upgrade-insecure-requests; report-uri https://donately.report-uri.io/r/default/csp/enforce
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 17ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.donately.com
URL: https://cdn.donately.com/dntly-core/current/core.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5035
date: Sat, 04 Apr 2020 10:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Sat, 04 Apr 2020 12:38:35 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 159 KB
41 KB 70ms
21ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/?_=1586001750550

Requested by

Host: cdn.donately.com
URL: https://cdn.donately.com/dntly-core/current/core.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8417d94b6a7e2ec53d9faf6b2c59ac7f6e63f4152f6d4320eeb12b17e73fd111

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 04 Apr 2020 12:02:30 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
age: 225
x-cache: HIT
status: 200
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-length: 41803
x-amz-id-2: KuvAerZe5UsiPIM7y82ToCoq/3HZmE/4o0CMqcy6AIq5R6yhiSdkBWTk+jSgd6T7QOtlR5YKJs4=
x-served-by: cache-fra19121-FRA
last-modified: Thu, 02 Apr 2020 22:23:42 GMT
server: AmazonS3
x-timer: S1586001751.632767,VS0,VE0
etag: "f63a737aa2626530137ddd76d568cded"
vary: Accept-Encoding
x-amz-request-id: 8BC8B746B93B5233
via: 1.1 varnish
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 140

GET
H2 200 checkout.js Show response
www.paypalobjects.com/api/ 1 MB
232 KB 68ms
21ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.js?_=1586001750551

Requested by

Host: cdn.donately.com
URL: https://cdn.donately.com/dntly-core/current/core.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

6e2eb7fb1fb7ed13bfab7335838fbf339ab54c1b0fcd96e72984cfc5eccbbbbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 04 Apr 2020 12:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214911
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=31557600
content-length: 236664
x-served-by: cache-sjc10034-SJC, cache-hhn4042-HHN
last-modified: Thu, 02 Apr 2020 00:16:01 GMT
server: Apache
x-timer: S1586001751.630870,VS0,VE0
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 2, 112835

GET
H/1.1 200
OK / Show response
payitforwardcharleston.org/ 8 KB
3 KB 832ms
697ms XHR
text/html 45.79.194.69
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://payitforwardcharleston.org/
Requested by: Host: cdn.donately.com
URL: https://cdn.donately.com/dntly-core/current/core.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.194.69 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1293-69.members.linode.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30 / PHP/7.1.30
Resource Hash: bc47d0f808a8641cae7433f6a38d81caf12b7c0075658cf2c4cbd3216f3d51ac

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Date: Sat, 04 Apr 2020 12:02:30 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.30
X-Powered-By: PHP/7.1.30
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=0, no-cache
X-Mod-Pagespeed: 1.13.35.2-0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 3105

POST
H/1.1 200
OK / Show response
b.donately.com/ 894 B
1 KB 344ms
105ms XHR
application/json 3.220.9.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://b.donately.com/
Requested by: Host: cdn.donately.com
URL: https://cdn.donately.com/dntly-core/current/core.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.9.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-9-69.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: c06d1d1896d2dee7b31edfc63ef53750125d83b36944cd532d9dcf731dc26b3a

Request headers

Referer: https://payitforwardcharleston.org/
Origin: https://payitforwardcharleston.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 04 Apr 2020 12:02:31 GMT
Via: 1.1 vegur
Etag: W/"37e-aMaK+jDVmaY0VUx+iRILuPQ7EPU"
Server: Cowboy
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 894

GET
H/1.1 200
OK /
b.donately.com/ 35 B
325 B 367ms
110ms Image
image/gif 3.220.9.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.donately.com/?event=form.init&version=0.0.1&timestamp=1586001750577&timeOpened=1586001750559&host=payitforwardcharleston.org&userFingerprint=2138625887&formFingerprint=62124979&formVersion=3.6.6&accountId=act_4f7db41ba3ec&currentUrl=https%3A%2F%2Fpayitforwardcharleston.org&imageCount=3&wordCount=163&pageSize=3105&sizeScreenW=1600&sizeScreenH=1200&sizeInW=1600&sizeInH=1200&referrer=&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&formOptions=
Requested by: Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.9.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-9-69.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 12:02:31 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 35

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ae9a62b594dbb176075710e82afd11a0cd97f70d9438783245c7cf7f9ee753a

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e45d2d30c35e1eabfbf5816c7b55125b1032a1dc129ed3b4c746e79e4ec3bcfb

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17440eb0631be3171d601823b5d0d68dc8dcafdeb2fb6f57692fb047d3c65e61

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94ab4c6a1eb9d58b05759b0283b04b259b63143b03dc4c9ea2d69cc0bf1475b3

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd1db3d59d25db0e9cccf55b34fbfc322ebb5b9b5ed0b78c7443f219e117b1ca

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1210eaaac16986262c6bddbbff9c0f96c75c112dee827904459cc34f50c4769d

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92caec03f3bfa01966af252f4ae95a6ab8081f36c681f8224d04459a8eac782f

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2 200 p.gif
p.typekit.net/ 35 B
201 B 23ms
22ms Image
image/gif 23.37.33.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=uwq8onr&ht=tk&h=payitforwardcharleston.org&f=37382&a=573719&js=1.19.2&app=typekit&e=js&_=1586001751477
Requested by: Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-33-211.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 04 Apr 2020 12:02:31 GMT
last-modified: Mon, 04 Feb 2019 20:24:55 GMT
server: nginx
access-control-allow-origin: *
etag: "5c589f97-23"
content-type: image/gif
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 35
expires: Mon, 19 Aug 2019 08:04:12 GMT

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
892 B 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 04 Apr 2020 11:42:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1228
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
expires: Sat, 04 Apr 2020 12:42:03 GMT

POST
H2 200 collector Show response
collector-px963uiwkr.px-cloud.net/api/v2/ 544 B
775 B 81ms
46ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px963uiwkr.px-cloud.net/api/v2/collector
Requested by: Host: cdn.donately.com
URL: https://cdn.donately.com/963UiWkR/init.js?_=1586001750548
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 5b4c01340840dd0b8d289432c89906a0c7129afd64174644fd013486ffb95109

Request headers

Referer: https://payitforwardcharleston.org/
Origin: https://payitforwardcharleston.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 04 Apr 2020 12:02:31 GMT
via: 1.1 google
status: 200
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://payitforwardcharleston.org
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 544

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
6 KB 603ms
537ms Script
application/x-javascript 72.246.168.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=payitforwardcharleston.org&source=checkoutjs&t=xo&v=4.0.312

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js?_=1586001750551

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-246-168-118.deploy.static.akamaitechnologies.com

Software

Resource Hash

7d42fd2cf7adef6e2ca9b9b706eef67e44e0f120c1435ea233807b8eda62fc55

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-dyLpHX6RSNiFi4GNavDN77dWdzLkR40o+g+bn4Nt6m1U8Fhw' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline'; form-action 'self' https://.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-edgeconnect-origin-mex-latency: 466
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-dyLpHX6RSNiFi4GNavDN77dWdzLkR40o+g+bn4Nt6m1U8Fhw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
status: 200
paypal-debug-id: be490c95fac4f
strict-transport-security: max-age=63072000
dc: ccg11-origin-www-2.paypal.com
content-length: 4456
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Sat, 04 Apr 2020 12:02:32 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"310f-FGviSVLWgsmjFEfYfieMcNrYi0M"

GET
BLOB 200
OK a41821b8-ce0a-46c7-9751-fbd52f1bba2f
https://payitforwardcharleston.org/ 1 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://payitforwardcharleston.org/a41821b8-ce0a-46c7-9751-fbd52f1bba2f
Requested by: Host: cdn.donately.com
URL: https://cdn.donately.com/963UiWkR/init.js?_=1586001750548
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5011297798a2b815295296797aa1680ed950f90a7ed7f2fc4e6f09a4b35022f6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: worker

Response headers

Content-Length: 1244
Content-Type: application/javascript

GET
H2 200 controller-468bd62002596e10e873d190027981dd.html
js.stripe.com/v3/ Frame 3A61 0
0 20ms
20ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-468bd62002596e10e873d190027981dd.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?_=1586001750550

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/controller-468bd62002596e10e873d190027981dd.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://payitforwardcharleston.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://payitforwardcharleston.org/

Response headers

status: 200
x-amz-id-2: UmgJrjpMcqa8lHMIt6I/elQommZhfMgT81Jlaf8FPLM1ZWR6iSZtmmrAS1czRvchlsKZdQGzQSI=
x-amz-request-id: 5587681B0CB7480C
last-modified: Thu, 02 Apr 2020 22:23:42 GMT
etag: "468bd62002596e10e873d190027981dd"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Apr 2020 12:02:31 GMT
via: 1.1 varnish
age: 242
x-served-by: cache-fra19121-FRA
x-cache: HIT
x-cache-hits: 51
x-timer: S1586001752.633947,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-length: 237

GET
H2 200 elements-inner-card-51e0a63f433555284925f9663bcb948d.html
js.stripe.com/v3/ Frame 9F0E 0
0 21ms
21ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-51e0a63f433555284925f9663bcb948d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?_=1586001750550

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-51e0a63f433555284925f9663bcb948d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://payitforwardcharleston.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://payitforwardcharleston.org/

Response headers

status: 200
x-amz-id-2: nFml5Dc4rsNVy+F472tEKcAnOIN1UVU1MB9dpyJnmR2gnVboNk1dRPoirdI+BbQfFQCY6U5yZMw=
x-amz-request-id: CC4B52E7E1956700
last-modified: Thu, 02 Apr 2020 22:23:41 GMT
etag: "51e0a63f433555284925f9663bcb948d"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Apr 2020 12:02:31 GMT
via: 1.1 varnish
age: 280
x-served-by: cache-fra19121-FRA
x-cache: HIT
x-cache-hits: 13
x-timer: S1586001752.637747,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-length: 1351

GET
H2 200 elements-inner-card-51e0a63f433555284925f9663bcb948d.html
js.stripe.com/v3/ Frame BB5E 0
0 21ms
21ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-51e0a63f433555284925f9663bcb948d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?_=1586001750550

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-51e0a63f433555284925f9663bcb948d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://payitforwardcharleston.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://payitforwardcharleston.org/

Response headers

status: 200
x-amz-id-2: nFml5Dc4rsNVy+F472tEKcAnOIN1UVU1MB9dpyJnmR2gnVboNk1dRPoirdI+BbQfFQCY6U5yZMw=
x-amz-request-id: CC4B52E7E1956700
last-modified: Thu, 02 Apr 2020 22:23:41 GMT
etag: "51e0a63f433555284925f9663bcb948d"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Apr 2020 12:02:31 GMT
via: 1.1 varnish
age: 280
x-served-by: cache-fra19121-FRA
x-cache: HIT
x-cache-hits: 14
x-timer: S1586001752.638595,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-length: 1351

GET
H2 200 elements-inner-card-51e0a63f433555284925f9663bcb948d.html
js.stripe.com/v3/ Frame 8E81 0
0 21ms
20ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-51e0a63f433555284925f9663bcb948d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?_=1586001750550

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-51e0a63f433555284925f9663bcb948d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://payitforwardcharleston.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://payitforwardcharleston.org/

Response headers

status: 200
x-amz-id-2: nFml5Dc4rsNVy+F472tEKcAnOIN1UVU1MB9dpyJnmR2gnVboNk1dRPoirdI+BbQfFQCY6U5yZMw=
x-amz-request-id: CC4B52E7E1956700
last-modified: Thu, 02 Apr 2020 22:23:41 GMT
etag: "51e0a63f433555284925f9663bcb948d"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Apr 2020 12:02:31 GMT
via: 1.1 varnish
age: 280
x-served-by: cache-fra19121-FRA
x-cache: HIT
x-cache-hits: 15
x-timer: S1586001752.639261,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-length: 1351

GET
H2 200 generic.png
cdn.donately.com/legacy/ 191 B
451 B 21ms
21ms Image
image/png 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.donately.com/legacy/generic.png

Requested by

Host: cdn.donately.com
URL: https://cdn.donately.com/dntly-core/current/core.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d78c78a9b8606f3b758665dfd1acfbcafe8cc411212edb7a5046fd28853d293f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data:; base-uri 'self'; child-src *; manifest-src 'self'; object-src 'self'; upgrade-insecure-requests; report-uri https://donately.report-uri.io/r/default/csp/enforce
Strict-Transport-Security	max-age=31557600; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 04 Apr 2020 12:02:31 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 713
x-amz-server-side-encryption: AES256
x-cache: HIT
status: 200
content-length: 191
x-amz-id-2: KEkhDyGYhoGx74tAGzi/M0e9sLdFYB8+Hwv/g9bWPkKXLOYVrWlvZzxqG5YlPq72iXunuBxxvmQ=
x-served-by: cache-fra19144-FRA
referrer-policy: origin-when-cross-origin
last-modified: Fri, 08 Jul 2016 17:06:01 GMT
server: AmazonS3
x-timer: S1586001752.648521,VS0,VE1
etag: "d9134b7381a1c6a0ea1e55738e2737c2"
expect-ct: max-age=86400; report-uri='https://donately.report-uri.io/r/default/ct/reportOnly'
strict-transport-security: max-age=31557600; includeSubdomains
x-download-options: noopen
x-amz-request-id: 7BD071B44616F87B
x-xss-protection: 1; mode=block
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data:; base-uri 'self'; child-src *; manifest-src 'self'; object-src 'self'; upgrade-insecure-requests; report-uri https://donately.report-uri.io/r/default/csp/enforce
accept-ranges: bytes
content-type: image/png
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d871e662ea88caa5605e6dc51b38eb1a0d7c7e168bfe8de0a5434c6a44d4e00c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cc89be92b323a31353c1e8b78332306314e1b5d42312a1fb73954bdf5107375

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a69be02d210a12129aa62e8439df826b91316e848fe2c347f55a7a5f8d457ba1

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 18 KB
18 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51fc8ad4b8109f982896d26f9c357736da058c5672a96ce11c45f740aaba4ac5

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2 200 collect
www.google-analytics.com/ 35 B
197 B 6ms
6ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1034411908&t=pageview&_s=1&dl=https%3A%2F%2Fpayitforwardcharleston.org%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Pay%20it%20Forward%20Charleston&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAgEIR~&jid=1128394307&gjid=1850722905&cid=786272327.1586001751&tid=UA-25909623-2&_gid=1361158573.1586001751&cd1=core&cd2=3.6.6&cd3=embed&cd4=act_4f7db41ba3ec&cd5=cc&cm1=0&cm2=0&cm3=1&cm4=0&z=2129020665

Requested by

Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:26:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 617737
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-25909623-2&cid=786272327.1586001751&jid=1128394307&gjid=1850722905&_gid=1361158573.1586001751&_u=aGBAgEIR~&z=1314848966
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25909623-2&cid=786272327.1586001751&jid=1128394307&_v=j81&z=1314848966
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25909623-2&cid=786272327.1586001751&jid=1128394307&_v=j81&z=1314848966&slf_rd=1&random=757631002

42 B
499 B

30ms
19ms

Image
image/gif

2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25909623-2&cid=786272327.1586001751&jid=1128394307&_v=j81&z=1314848966&slf_rd=1&random=757631002

Requested by

Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Apr 2020 12:02:31 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Apr 2020 12:02:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25909623-2&cid=786272327.1586001751&jid=1128394307&_v=j81&z=1314848966&slf_rd=1&random=757631002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 7ms
7ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1034411908&t=event&_s=2&dl=https%3A%2F%2Fpayitforwardcharleston.org%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Pay%20it%20Forward%20Charleston&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Donately&ea=form.init&_u=aGBAgEIR~&jid=&gjid=&cid=786272327.1586001751&tid=UA-25909623-2&_gid=1361158573.1586001751&cd1=core&cd2=3.6.6&cd3=embed&cd4=act_4f7db41ba3ec&cd5=cc&cm1=0&cm2=0&cm3=1&cm4=0&z=1280230162

Requested by

Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:26:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 617737
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
124 B 15ms
15ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1034411908&t=pageview&_s=1&dl=https%3A%2F%2Fpayitforwardcharleston.org%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Pay%20it%20Forward%20Charleston&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAEIR~&jid=719838230&gjid=1073045686&cid=786272327.1586001751&tid=UA-54467055-8&_gid=1361158573.1586001751&_r=1&gtm=2wg3p1N7JHTPG&z=431360927

Requested by

Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 04 Apr 2020 12:02:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac0a00c1aa8b2a0be53744cca79f3630c0bc2d347c6457d5ab131a5a2c32b739

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddf6323b340d790c8a275322b442878b743ecee5f591e319282483c55cd85751

Request headers

Origin: https://payitforwardcharleston.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H/1.1 200
OK ts
t.paypal.com/ 42 B
814 B 225ms
179ms Image
image/gif 23.45.98.207
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Home%20%7C%20Pay%20it%20Forward%20Charleston&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1586001752213&g=-120&completeurl=https%3A%2F%2Fpayitforwardcharleston.org%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by: Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.98.207 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-98-207.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Sat, 04 Apr 2020 12:02:32 GMT
Server: akka-http/10.1.11
P3P: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sat, 04 Apr 2020 12:02:32 GMT

POST
H2 200 collector Show response
collector-px963uiwkr.px-cloud.net/api/v2/ 271 B
338 B 44ms
43ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px963uiwkr.px-cloud.net/api/v2/collector
Requested by: Host: cdn.donately.com
URL: https://cdn.donately.com/963UiWkR/init.js?_=1586001750548
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 05409d5e09f76d0ac0a028ccc3bb74fd1402519651b6b038d4d047266cec00de

Request headers

Referer: https://payitforwardcharleston.org/
Origin: https://payitforwardcharleston.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 04 Apr 2020 12:02:31 GMT
via: 1.1 google
status: 200
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://payitforwardcharleston.org
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 271

GET
H2 200 tracker.js Show response
cdn.trackjs.com/releases/current/ 26 KB
9 KB 54ms
15ms Script
application/javascript 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trackjs.com/releases/current/tracker.js
Requested by: Host: cdn.donately.com
URL: https://cdn.donately.com/dntly-core/current/core.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b083af11bff8f6237c9b83a2910ccb07625602e3c386de94daeedb8dab2b195d

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 04 Apr 2020 12:02:32 GMT
content-encoding: gzip
last-modified: Thu, 13 Sep 2018 19:10:30 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 3C8A6722F52CD5CC
etag: W/"160874c6a444216fd269e7e0e2370aa7"
x-amz-meta-cache-control: s-max-age=3600, max-age=604800, public
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: s-max-age=3600, max-age=604800, public
x-amz-meta-content-type: application/javascript
access-control-allow-origin: *
x-amz-id-2: 8cdwKdP3jqhvPX6PJu6BaBz5gwhKlva06wJskx9IeDbJ+aLZCCeIoO2CgQlc0gvssypk1tcdBFQ=

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 24ms
7ms Script
application/x-javascript 2600:9000:21f3:3000:18:1fcd:349:ca21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: payitforwardcharleston.org
URL: https://payitforwardcharleston.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:3000:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 04 Apr 2020 11:58:55 GMT
content-encoding: gzip
last-modified: Tue, 29 Oct 2019 02:24:02 GMT
server: nginx
age: 217
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: f_xOCoz5oT4yzJdMjKjq78HX7AAgTzzkwy8k4UFp4wJZruhQH3EfZQ==
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
expires: Sat, 04 Apr 2020 13:58:55 GMT

GET
H2 200 m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
js.stripe.com/v3/ Frame C3FC 0
0 23ms
22ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?_=1586001750550

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://payitforwardcharleston.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://payitforwardcharleston.org/

Response headers

status: 200
x-amz-id-2: lOVZPwHw2eHUggJo+nNzViPbudJD8r1WfDvQn7Z9Jnsrnrvxe8dfzNoMP2rkNwYoQarhb7XBt7E=
x-amz-request-id: 0E590926584BA576
last-modified: Fri, 28 Feb 2020 23:42:06 GMT
etag: "a0f6c1465b8d9aab778cf2913d1d3c86"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Apr 2020 12:02:32 GMT
via: 1.1 varnish
age: 16
x-served-by: cache-fra19121-FRA
x-cache: HIT
x-cache-hits: 15
x-timer: S1586001752.461593,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
content-length: 203

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 303ms
100ms Image
image/gif 18.211.103.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=butcherandbee.com&p=%2F&u=BpD-miBaw8qXCHFZXl&d=payitforwardcharleston.org&g=21570&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1875&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=8778&t=BSE0pWBrstppDiCoRHDnSbtPBqF_kP&V=118&i=Home%20%7C%20Pay%20it%20Forward%20Charleston&tz=-120&sn=1&sv=BSoRm8Dl6BO69s9oAhNF5bJV_np&sd=1&im=06032c03&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.103.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-103-48.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
pragma: no-cache
date: Sat, 04 Apr 2020 12:02:32 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK usage.gif
usage.trackjs.com/ 43 B
229 B 316ms
105ms Image
image/gif 158.69.52.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usage.trackjs.com/usage.gif?token=72e0e06ec183489e97c7e33b6c481c16&correlationId=15c450e7-ae76-4d56-b1f1-a77a9918e04e&application=dntly-form&x=8b361551-b73c-45f2-beed-3d4afefc203f&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.52.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-usage-3.tjsint.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://payitforwardcharleston.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 12:02:32 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.payitforwardcharleston.org/	1970-01-19 08:33:22	Name: _px2 Value: eyJ1IjoiMjk5ZDk0ODAtNzY2Yy0xMWVhLWE4YWEtNDUzNzZiZTNkMWUyIiwidiI6IjI5YTVkYjI3LTc2NmMtMTFlYS1iMGJkLTAyNDJhYzEyMDAwNiIsInQiOjE1ODYwMDIwNTIzNTksImgiOiI0NzhkYmRjZDM2MTNhZjFlNWI1MzJjNDlhYzc3NTgwM2MyMzZhZDllNDAwOWUwZGNmNzY2ODE2YTVkZGFjYjg1In0=
payitforwardcharleston.org/	1970-01-19 08:33:21	Name: _pxff_wa Value: 1,702
.payitforwardcharleston.org/	1970-01-19 08:33:23	Name: __stripe_sid Value: 492fc7ae-e728-44ad-8e4f-0b200decc1c2
.payitforwardcharleston.org/	1970-01-19 08:33:21	Name: _gat_UA-54467055-8 Value: 1
.payitforwardcharleston.org/	1970-01-19 08:34:48	Name: _gid Value: GA1.2.1361158573.1586001751
.payitforwardcharleston.org/	1970-01-19 21:30:57	Name: _pxvid Value: 29a5db27-766c-11ea-b0bd-0242ac120006
.payitforwardcharleston.org/	1970-01-19 08:33:21	Name: _gat Value: 1
.payitforwardcharleston.org/	1970-01-19 17:18:57	Name: __stripe_mid Value: 661d4e24-0614-44e1-a32f-9c2a9eecb964
.payitforwardcharleston.org/	1970-01-20 02:04:33	Name: _ga Value: GA1.2.786272327.1586001751

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
b.donately.com
butcherandbee.com
cdn.donately.com
cdn.trackjs.com
cloud.typography.com
collector-px963uiwkr.px-cloud.net
js.stripe.com
p.typekit.net
payitforwardcharleston.com
payitforwardcharleston.org
ping.chartbeat.net
static.chartbeat.com
stats.g.doubleclick.net
t.paypal.com
usage.trackjs.com
use.typekit.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
151.101.114.133
151.101.12.176
151.101.14.133
158.69.52.117
18.211.103.48
23.37.33.211
23.37.59.76
23.45.98.207
2600:9000:21f3:3000:18:1fcd:349:ca21
2606:4700:3034::681b:ab7e
2a00:1450:4001:817::200e
2a00:1450:4001:81b::200a
2a00:1450:4001:81d::2008
2a00:1450:4001:81e::2004
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9d
3.220.9.69
35.186.220.184
45.79.194.69
72.246.168.118
94.31.29.32
05409d5e09f76d0ac0a028ccc3bb74fd1402519651b6b038d4d047266cec00de
08bf559abebbe911be589ee6c402874d7bfe458e041d5ccc1feb7c7d9d42b7a0
1210eaaac16986262c6bddbbff9c0f96c75c112dee827904459cc34f50c4769d
17440eb0631be3171d601823b5d0d68dc8dcafdeb2fb6f57692fb047d3c65e61
1cc89be92b323a31353c1e8b78332306314e1b5d42312a1fb73954bdf5107375
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
3ae9a62b594dbb176075710e82afd11a0cd97f70d9438783245c7cf7f9ee753a
5011297798a2b815295296797aa1680ed950f90a7ed7f2fc4e6f09a4b35022f6
51fc8ad4b8109f982896d26f9c357736da058c5672a96ce11c45f740aaba4ac5
5b4c01340840dd0b8d289432c89906a0c7129afd64174644fd013486ffb95109
60874857d95e981a90b4a68fd007f598957b0040f6e055d878f2b5bc089e81bf
615253b6a84637459ecfd28cab8b08b7d262eda7acbbefd01cfa4853896fbc7b
649debf204892404af4a62f2419cd19aa18be6af751d54554ec65649fb14aad8
6a56bd01e6db7dfd22bc594109a233ef3b71e330606ae9a32eaf847c0f8de5ca
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e2eb7fb1fb7ed13bfab7335838fbf339ab54c1b0fcd96e72984cfc5eccbbbbb
6fc3670a2d619ebdc3a00eea1c3f2404fa26544107d60d715e23a028aa18570e
7d42fd2cf7adef6e2ca9b9b706eef67e44e0f120c1435ea233807b8eda62fc55
82496b3182b344ca7042d444465e437275288b4f8929718c26864b0783252df1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8417d94b6a7e2ec53d9faf6b2c59ac7f6e63f4152f6d4320eeb12b17e73fd111
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8ef9966c173298260eb4b0fd9c0d63432af6c5daf85bf3a08a3e8aceecbc6cad
92caec03f3bfa01966af252f4ae95a6ab8081f36c681f8224d04459a8eac782f
94ab4c6a1eb9d58b05759b0283b04b259b63143b03dc4c9ea2d69cc0bf1475b3
9b15dec93e0f56c6719e1f6a3c1c4bedc8beed5c5f32b75fdfc8a72b67166d9e
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a69be02d210a12129aa62e8439df826b91316e848fe2c347f55a7a5f8d457ba1
ac0a00c1aa8b2a0be53744cca79f3630c0bc2d347c6457d5ab131a5a2c32b739
b083af11bff8f6237c9b83a2910ccb07625602e3c386de94daeedb8dab2b195d
b3b111e748d6b56cdb4279cb4d68251fb76a2dc80c9e81df610e1a1c06edbfd2
b97ca12e35bb0916e923137b16c31422cb64c242f549cb20570eb08cf1777eb2
bc47d0f808a8641cae7433f6a38d81caf12b7c0075658cf2c4cbd3216f3d51ac
c06d1d1896d2dee7b31edfc63ef53750125d83b36944cd532d9dcf731dc26b3a
c0d7fd36d18c095ae71947a3a4c5586fa74aa79605e2d0c8236ddef41f157edf
c2ac46889fdadffff6f3423d9795160b61db6c772d7f30720be75ede71bc2bfb
c470672a554e354be152d02bc24671c78b2b079133948d102bed182474c98d12
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb536e4d89e7a5511cf60289fca629be4a47b7b981ac7e3bba416c8c8891959
d78c78a9b8606f3b758665dfd1acfbcafe8cc411212edb7a5046fd28853d293f
d871e662ea88caa5605e6dc51b38eb1a0d7c7e168bfe8de0a5434c6a44d4e00c
ddf6323b340d790c8a275322b442878b743ecee5f591e319282483c55cd85751
e08908e893c637e8ac2aab7ff7900ab96c53fe7d27ca2b5c0fb6cfd8357bd741
e45d2d30c35e1eabfbf5816c7b55125b1032a1dc129ed3b4c746e79e4ec3bcfb
e4f06502d8e78106bbe8d1142d372c5da2c5fa6146a5ede7ff04fbad948ec2f1
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4d1263cc08e0b07fc51d3117e34d9093cff940a5d53ce1fa62448ae044ddf7
f7cbd57f73eff3962b14ffff9099d3e61697c585d466cf7e176b939eee25e10a
fc482df6b89fc698e0ab73e13cb597c5bef0561770d7ce9e83af204fd2b4653e
fd1db3d59d25db0e9cccf55b34fbfc322ebb5b9b5ed0b78c7443f219e117b1ca
ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

payitforwardcharleston.org Open in urlscan Pro 45.79.194.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

98 %HTTPS

38 %IPv6

19 Domains

23 Subdomains

18 IPs

6 Countries

2081 kBTransfer

3803 kBSize

9 Cookies

1 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

payitforwardcharleston.org Open in urlscan Pro
45.79.194.69 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

98 %
HTTPS

38 %
IPv6

19
Domains

23
Subdomains

18
IPs

6
Countries

2081 kB
Transfer

3803 kB
Size

9
Cookies

42 HTTP transactions
20 data transactions