give.virginiasalvationarmy.org Open in urlscan Pro
2606:4700::6812:843c  Public Scan

Submitted URL: https://r20.rs6.net/tn.jsp?f=001uM0lb4q9GrwkSs0OGmZi-y6AW2YBiyGAq6xUfiBnxwLoge_RUceRpg6UL_qTGZCtqVAB1RdDnCm-nbsKa02K...
Effective URL: https://give.virginiasalvationarmy.org/give/485836/
Submission: On May 16 via manual from US — Scanned from DE

Summary

This website contacted 87 IPs in 7 countries across 70 domains to perform 360 HTTP transactions. The main IP is 2606:4700::6812:843c, located in United States and belongs to CLOUDFLARENET, US. The main domain is give.virginiasalvationarmy.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 4th 2023. Valid for: a year.
This is the only time give.virginiasalvationarmy.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 208.75.122.11 40444 (ASN-CC)
32 2606:4700::68... 13335 (CLOUDFLAR...)
5 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.143.247.24 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.225.78.109 16509 (AMAZON-02)
1 13.32.121.38 16509 (AMAZON-02)
24 99.86.4.76 16509 (AMAZON-02)
14 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:7... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
12 151.101.2.137 54113 (FASTLY)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 5 146.75.120.157 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.32.27.86 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
58 54.187.119.242 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
6 52.215.114.201 16509 (AMAZON-02)
5 3.123.242.12 16509 (AMAZON-02)
1 184.29.204.223 16625 (AKAMAI-AS)
5 2620:1ec:c11:... 8068 (MICROSOFT...)
1 143.204.207.250 16509 (AMAZON-02)
2 10 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:a... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
4 54.225.234.9 14618 (AMAZON-AES)
2 76.223.13.31 16509 (AMAZON-02)
1 104.244.42.136 13414 (TWITTER)
2 104.244.42.133 13414 (TWITTER)
2 104.244.42.67 13414 (TWITTER)
2 193.108.153.28 20940 (AKAMAI-ASN1)
3 35.190.43.134 15169 (GOOGLE)
1 34.252.176.107 16509 (AMAZON-02)
2 63.140.62.160 15224 (OMNITURE)
1 1 52.16.185.84 16509 (AMAZON-02)
5 2a03:2880:f17... 32934 (FACEBOOK)
9 10 151.101.66.49 54113 (FASTLY)
2 52.89.68.105 16509 (AMAZON-02)
2 8 2a00:1450:400... 15169 (GOOGLE)
1 216.58.212.130 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
1 4 2620:116:800d... 16509 (AMAZON-02)
1 69.16.175.42 20446 (STACKPATH...)
4 2.23.209.20 20940 (AKAMAI-ASN1)
4 5 65.9.66.64 16509 (AMAZON-02)
1 4 54.237.159.253 14618 (AMAZON-AES)
1 34.205.105.58 14618 (AMAZON-AES)
2 192.132.33.46 18568 (BIDTELLECT)
4 52.223.40.198 16509 (AMAZON-02)
1 151.101.130.132 54113 (FASTLY)
2 162.247.241.14 23467 (NEWRELIC-...)
2 52.30.58.64 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
1 18.66.122.52 16509 (AMAZON-02)
1 2 37.252.171.22 29990 (ASN-APPNEX)
1 35.156.98.69 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 2 142.250.185.162 15169 (GOOGLE)
1 69.173.144.138 26667 (RUBICONPR...)
1 3 185.80.39.216 27381 (CASALE-MEDIA)
2 37.252.171.21 29990 (ASN-APPNEX)
2 35.244.159.8 15169 (GOOGLE)
2 185.64.191.210 62713 (AS-PUBMATIC)
4 6 193.0.160.131 54312 (ROCKETFUEL)
1 54.243.103.167 14618 (AMAZON-AES)
24 2a00:1450:400... 15169 (GOOGLE)
1 3 185.94.180.125 35220 (SPOTX-AMS)
3 35.244.174.68 15169 (GOOGLE)
1 3.127.178.105 16509 (AMAZON-02)
1 95.101.148.20 16625 (AKAMAI-AS)
1 3.210.10.159 14618 (AMAZON-AES)
1 69.192.160.219 16625 (AKAMAI-AS)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 52.208.135.117 16509 (AMAZON-02)
1 52.213.11.190 16509 (AMAZON-02)
1 52.58.143.247 16509 (AMAZON-02)
360 87
Apex Domain
Subdomains
Transfer
86 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1202
q.stripe.com — Cisco Umbrella Rank: 7069
m.stripe.com — Cisco Umbrella Rank: 1158
merchant-ui-api.stripe.com — Cisco Umbrella Rank: 6041
r.stripe.com — Cisco Umbrella Rank: 4272
1 MB
42 google.com
www.google.com — Cisco Umbrella Rank: 2
pay.google.com — Cisco Umbrella Rank: 2786
play.google.com — Cisco Umbrella Rank: 34
873 KB
22 classy.org
prod-frs.content.classy.org — Cisco Umbrella Rank: 79867
pay.classy.org — Cisco Umbrella Rank: 93346
assets.classy.org — Cisco Umbrella Rank: 91237
3 MB
16 virginiasalvationarmy.org
give.virginiasalvationarmy.org
58 KB
15 gstatic.com
fonts.gstatic.com
www.gstatic.com
399 KB
15 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
region1.google-analytics.com — Cisco Umbrella Rank: 2495
42 KB
13 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
11 KB
12 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 449
40 KB
11 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1174
lasteventf-tm.everesttech.net — Cisco Umbrella Rank: 7716
sync-tm.everesttech.net — Cisco Umbrella Rank: 682
2 KB
10 google.de
www.google.de — Cisco Umbrella Rank: 5171
1 KB
7 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1482
secure-ds.serving-sys.com — Cisco Umbrella Rank: 2578
14 KB
7 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 220
thesalvationarmy.demdex.net — Cisco Umbrella Rank: 394584
10 KB
6 rfihub.com
20841493p.rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 806
a.rfihub.com — Cisco Umbrella Rank: 3125
9 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 916
syndication.twitter.com — Cisco Umbrella Rank: 1167
analytics.twitter.com — Cisco Umbrella Rank: 690
132 KB
6 transcend.io
cdn.transcend.io — Cisco Umbrella Rank: 6491
sync.transcend.io — Cisco Umbrella Rank: 9778
136 KB
5 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1775
6 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
337 B
5 bing.com
bat.bing.com — Cisco Umbrella Rank: 390
13 KB
5 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 1236
heapanalytics.com — Cisco Umbrella Rank: 1121
40 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 440
ib.adnxs.com — Cisco Umbrella Rank: 232
4 KB
4 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 571
1 KB
4 wdsvc.net
tags.wdsvc.net — Cisco Umbrella Rank: 39882
29 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 720
101 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1129
cms.quantserve.com — Cisco Umbrella Rank: 740
pixel.quantserve.com — Cisco Umbrella Rank: 945
10 KB
4 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 762
notify.bugsnag.com — Cisco Umbrella Rank: 1120
253 B
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 416
149 B
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 760
2 KB
3 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
2 KB
3 bttrack.com
cdn.bttrack.com — Cisco Umbrella Rank: 8485
bttrack.com — Cisco Umbrella Rank: 881
3 KB
3 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 927
1011 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
135 KB
3 braintreegateway.com
js.braintreegateway.com — Cisco Umbrella Rank: 7124
api.braintreegateway.com — Cisco Umbrella Rank: 8493
54 KB
2 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 958
665 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 472
379 B
2 boomtrain.com
cdn.boomtrain.com — Cisco Umbrella Rank: 5631
people.api.boomtrain.com — Cisco Umbrella Rank: 5990
30 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 266
950 B
2 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1122
12 KB
2 omtrdc.net
thesalvationarmy.sc.omtrdc.net — Cisco Umbrella Rank: 361147
4 KB
2 t.co
t.co — Cisco Umbrella Rank: 510
581 B
2 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 718
30 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1274
16 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 85
59 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
238 KB
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 324
146 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 612
338 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 511
377 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1172
175 B
1 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1394
191 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1691
109 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 635
632 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1074
344 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 352
239 B
1 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1102
704 B
1 tealiumiq.com
collect.tealiumiq.com — Cisco Umbrella Rank: 3144
780 B
1 rfihub.net
c1.rfihub.net — Cisco Umbrella Rank: 5325
6 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1077
2 KB
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1255
402 B
1 ispot.tv
pt.ispot.tv — Cisco Umbrella Rank: 2228
314 B
1 videoamp.com
b.videoamp.com — Cisco Umbrella Rank: 2584
312 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 179
2 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1026
14 KB
1 everestjs.net
www.everestjs.net — Cisco Umbrella Rank: 7487
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 50
1 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 636
183 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 775
30 KB
1 plaid.com
cdn.plaid.com — Cisco Umbrella Rank: 16496
45 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 930
3 KB
1 tokenex.com
htp.tokenex.com — Cisco Umbrella Rank: 35999
5 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1018
7 KB
1 rs6.net
r20.rs6.net — Cisco Umbrella Rank: 7711
508 B
360 70
Domain Requested by
45 r.stripe.com js.stripe.com
24 play.google.com www.gstatic.com
24 js.stripe.com give.virginiasalvationarmy.org
js.stripe.com
16 give.virginiasalvationarmy.org give.virginiasalvationarmy.org
14 www.google-analytics.com give.virginiasalvationarmy.org
13 q.stripe.com give.virginiasalvationarmy.org
13 prod-frs.content.classy.org give.virginiasalvationarmy.org
prod-frs.content.classy.org
12 js-agent.newrelic.com give.virginiasalvationarmy.org
10 www.google.de
10 www.google.com 2 redirects
9 sync-tm.everesttech.net 9 redirects
8 www.gstatic.com pay.google.com
www.gstatic.com
8 googleads.g.doubleclick.net 2 redirects give.virginiasalvationarmy.org
8 pay.google.com js.stripe.com
pay.google.com
give.virginiasalvationarmy.org
www.gstatic.com
7 fonts.gstatic.com fonts.googleapis.com
6 dpm.demdex.net give.virginiasalvationarmy.org
6 pay.classy.org give.virginiasalvationarmy.org
5 live.rezync.com 4 redirects give.virginiasalvationarmy.org
5 www.facebook.com
5 bat.bing.com give.virginiasalvationarmy.org
5 bs.serving-sys.com give.virginiasalvationarmy.org
5 cdn.transcend.io give.virginiasalvationarmy.org
cdn.transcend.io
sync.transcend.io
4 p.rfihub.com 3 redirects
4 insight.adsrvr.org
4 tags.wdsvc.net 1 redirects give.virginiasalvationarmy.org
4 analytics.tiktok.com give.virginiasalvationarmy.org
analytics.tiktok.com
4 heapanalytics.com
3 idsync.rlcdn.com
3 sync.search.spotxchange.com 1 redirects
3 dsum-sec.casalemedia.com 1 redirects
3 tr.snapchat.com give.virginiasalvationarmy.org
sc-static.net
3 stats.g.doubleclick.net give.virginiasalvationarmy.org
3 connect.facebook.net give.virginiasalvationarmy.org
3 assets.classy.org
3 platform.twitter.com 1 redirects give.virginiasalvationarmy.org
2 image2.pubmatic.com
2 us-u.openx.net
2 ib.adnxs.com
2 cm.g.doubleclick.net 1 redirects
2 secure.adnxs.com 1 redirects
2 merchant-ui-api.stripe.com js.stripe.com
2 bam.nr-data.net give.virginiasalvationarmy.org
2 cms.quantserve.com 1 redirects
2 bttrack.com
2 tags.tiqcdn.com give.virginiasalvationarmy.org
2 m.stripe.com m.stripe.network
2 thesalvationarmy.sc.omtrdc.net give.virginiasalvationarmy.org
2 secure-ds.serving-sys.com give.virginiasalvationarmy.org
2 analytics.twitter.com
2 t.co
2 api.braintreegateway.com give.virginiasalvationarmy.org
2 notify.bugsnag.com give.virginiasalvationarmy.org
2 static.ads-twitter.com give.virginiasalvationarmy.org
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.youtube.com give.virginiasalvationarmy.org
2 www.googletagmanager.com give.virginiasalvationarmy.org
2 sessions.bugsnag.com give.virginiasalvationarmy.org
1 x.bidswitch.net
1 beacon.krxd.net
1 aa.agkn.com
1 partners.tremorhub.com
1 x.dlx.addthis.com
1 bpi.rtactivate.com
1 contextual.media.net
1 ps.eyeota.net
1 a.rfihub.com 1 redirects
1 people.api.boomtrain.com give.virginiasalvationarmy.org
1 20841493p.rfihub.com give.virginiasalvationarmy.org
1 pixel.rubiconproject.com
1 pixel.quantserve.com
1 cms.analytics.yahoo.com 1 redirects
1 sync.transcend.io cdn.transcend.io
1 collect.tealiumiq.com give.virginiasalvationarmy.org
1 cdn.boomtrain.com give.virginiasalvationarmy.org
1 c1.rfihub.net give.virginiasalvationarmy.org
1 rules.quantcount.com give.virginiasalvationarmy.org
1 region1.google-analytics.com www.googletagmanager.com
1 d.turn.com 1 redirects
1 pt.ispot.tv
1 b.videoamp.com
1 cdn.bttrack.com give.virginiasalvationarmy.org
1 secure.quantserve.com give.virginiasalvationarmy.org
1 www.googleadservices.com give.virginiasalvationarmy.org
1 lasteventf-tm.everesttech.net give.virginiasalvationarmy.org
1 cm.everesttech.net 1 redirects
1 thesalvationarmy.demdex.net give.virginiasalvationarmy.org
1 syndication.twitter.com platform.twitter.com
1 sc-static.net give.virginiasalvationarmy.org
1 www.everestjs.net give.virginiasalvationarmy.org
1 fonts.googleapis.com give.virginiasalvationarmy.org
1 cdn.heapanalytics.com give.virginiasalvationarmy.org
1 geolocation.onetrust.com give.virginiasalvationarmy.org
1 code.jquery.com give.virginiasalvationarmy.org
1 cdn.plaid.com give.virginiasalvationarmy.org
1 js.braintreegateway.com give.virginiasalvationarmy.org
1 unpkg.com give.virginiasalvationarmy.org
1 htp.tokenex.com give.virginiasalvationarmy.org
1 static.cloudflareinsights.com give.virginiasalvationarmy.org
1 r20.rs6.net 1 redirects
360 99

This site contains links to these domains. Also see Links.

Domain
www.classy.org
Subject Issuer Validity Valid
give.virginiasalvationarmy.org
Cloudflare Inc ECC CA-3
2023-04-04 -
2024-04-03
a year crt.sh
classy.org
Cloudflare Inc ECC CA-3
2023-04-03 -
2024-04-02
a year crt.sh
transcend.io
Amazon RSA 2048 M02
2023-02-28 -
2023-08-18
6 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-10 -
2024-04-09
a year crt.sh
api.tokenex.com
Go Daddy Secure Certificate Authority - G2
2023-02-08 -
2024-01-12
a year crt.sh
checkout.paypal.com
DigiCert SHA2 Extended Validation Server CA
2022-07-28 -
2023-08-28
a year crt.sh
secure.plaid.com
DigiCert EV RSA CA G2
2023-03-09 -
2024-04-08
a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2023-05-12 -
2023-08-13
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.bugsnag.com
DigiCert TLS RSA SHA256 2020 CA1
2023-04-19 -
2024-04-12
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-04-13 -
2024-05-14
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-12-13 -
2023-12-13
a year crt.sh
platform.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-21 -
2023-08-21
a year crt.sh
*.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
cdn.heapanalytics.com
Amazon RSA 2048 M02
2023-02-21 -
2023-08-27
6 months crt.sh
pay.classy.org
Cloudflare Inc ECC CA-3
2023-04-08 -
2024-04-07
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-02-22 -
2023-05-23
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-14 -
2023-06-13
4 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-26 -
2023-10-27
a year crt.sh
bs.serving-sys.com
Amazon RSA 2048 M02
2023-03-11 -
2024-04-08
a year crt.sh
www.everestjs.net
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-22 -
2023-08-22
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2023-02-16 -
2023-08-16
6 months crt.sh
sc-static.net
Amazon RSA 2048 M02
2023-01-20 -
2024-02-18
a year crt.sh
www.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
www.google.de
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
heapanalytics.com
Amazon RSA 2048 M02
2022-12-09 -
2024-01-07
a year crt.sh
api.braintreegateway.com
DigiCert SHA2 Extended Validation Server CA
2022-09-07 -
2023-10-08
a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-05 -
2024-02-05
a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-05 -
2024-02-05
a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-05 -
2024-02-05
a year crt.sh
secure-ds.serving-sys.com
R3
2023-05-02 -
2023-07-31
3 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-13 -
2024-04-12
a year crt.sh
*.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-03-08
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-11-07 -
2023-12-09
a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-28 -
2023-07-26
4 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01
2023-04-18 -
2024-05-17
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA
2023-04-04 -
2024-04-21
a year crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1
2023-03-13 -
2024-04-12
a year crt.sh
*.rezync.com
Amazon RSA 2048 M02
2023-02-22 -
2023-12-23
10 months crt.sh
*.videoamp.com
Amazon RSA 2048 M01
2023-02-23 -
2023-10-04
7 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.ispot.tv
R3
2023-05-14 -
2023-08-12
3 months crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-18 -
2023-12-19
a year crt.sh
*.google.de
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
quantserve.com
R3
2023-04-14 -
2023-07-13
3 months crt.sh
*.rfihub.net
Amazon RSA 2048 M01
2023-02-24 -
2023-12-29
10 months crt.sh
*.boomtrain.com
Amazon RSA 2048 M02
2023-02-09 -
2024-03-09
a year crt.sh
*.tealiumiq.com
Amazon RSA 2048 M02
2023-02-10 -
2023-09-23
7 months crt.sh
tags.wdsvc.net
Go Daddy Secure Certificate Authority - G2
2022-11-03 -
2023-11-01
a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA
2023-04-27 -
2024-04-27
a year crt.sh
*.api.boomtrain.com
Amazon RSA 2048 M02
2023-02-24 -
2023-11-14
9 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
rtactivate.com
Amazon RSA 2048 M01
2023-03-14 -
2024-04-11
a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-12-13 -
2024-01-13
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-08
a year crt.sh
*.search.spotxchange.com
GeoTrust TLS RSA CA G1
2023-04-24 -
2024-05-10
a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01
2023-02-22 -
2024-03-23
a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2022-09-06 -
2023-09-21
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-04-14 -
2024-04-12
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh

This page contains 16 frames:

Primary Page: https://give.virginiasalvationarmy.org/give/485836/
Frame ID: 4D75CE8B12BD6AE1104576A2534BC23B
Requests: 189 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 0C82F917526449F38FB64B0248957BE5
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 19223E497B2055990D2FED9AA86B86C2
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fgive.virginiasalvationarmy.org
Frame ID: 89E691435B96F7487680E5CFEE89D194
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-e361d5ac800a58205e3d1523c46041fd.html
Frame ID: 37F94EFF3FA17C4B90BA3B8E55B0F06E
Requests: 29 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-4505aee4a655bc3741287d609bb74533.html
Frame ID: 09BA8FB4F8E1F959453FB767C656123B
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-9d0b2e069da21bc1da164c3595a38687.html
Frame ID: 1AA1CAACDAD39ECD5B9BBB2633A03E47
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-e361d5ac800a58205e3d1523c46041fd.html
Frame ID: BA52F64F839FBF435A299672BB415E1E
Requests: 28 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-4505aee4a655bc3741287d609bb74533.html
Frame ID: 8C9820CB5DE1E453E9566F7EA97C411A
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-9d0b2e069da21bc1da164c3595a38687.html
Frame ID: 98157A15F8C319297D7C96B48C7FEAAC
Requests: 5 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=5ce1f9d9-71a9-44c4-827d-24f151ac647c&u_scsid=643d11a4-6a0c-4baa-a8b8-fcc98752376f&u_sclid=39aec17a-6bb8-4fdb-8c58-6a43e0e6d945
Frame ID: 21CC6B55CEE4503F7D36B74A6605101F
Requests: 1 HTTP requests in this frame

Frame: https://thesalvationarmy.demdex.net/dest5.html?d_nsid=0
Frame ID: 828489992A0F8A14D860B77741FC09A6
Requests: 15 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 21FD3B6A9DEB673B5FD4C7F05815CB71
Requests: 15 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 6A60CFB249B1AF126A1D4B02FBB08F99
Requests: 15 HTTP requests in this frame

Frame: https://sync.transcend.io/consent-manager/d1a4d701-2ca2-487c-9b90-59558395eb44
Frame ID: F5D4EB378589FE0069072C9D72B9F385
Requests: 2 HTTP requests in this frame

Frame: https://20841493p.rfihub.com/ca.html?ver=9&rb=46794&ca=20841493&_o=46794&_t=20841493&userid=77a592ec-a4d2-4aa1-8cf7-9259be821687%3A1684242239.5619214&pe=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23%21%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&pf=&ra=5559935633920579
Frame ID: 91250CBE6897E459051EF2D1E9547C9F
Requests: 19 HTTP requests in this frame

Screenshot

Page Title

Donate to Doing the Most Good 23 National Capital AC

Page URL History Show full URLs

  1. https://r20.rs6.net/tn.jsp?f=001uM0lb4q9GrwkSs0OGmZi-y6AW2YBiyGAq6xUfiBnxwLoge_RUceRpg6UL_qTGZCt... HTTP 302
    https://give.virginiasalvationarmy.org/give/485836/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.braintreegateway\.com

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • serving-sys\.com/

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

360
Requests

93 %
HTTPS

37 %
IPv6

70
Domains

99
Subdomains

87
IPs

7
Countries

6519 kB
Transfer

18359 kB
Size

89
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://r20.rs6.net/tn.jsp?f=001uM0lb4q9GrwkSs0OGmZi-y6AW2YBiyGAq6xUfiBnxwLoge_RUceRpg6UL_qTGZCtqVAB1RdDnCm-nbsKa02KwKuPnoRyavJL7G2rj0tkCsvwGq8HbdlNARiUgSNiLNQhd1g6_sWmjLpyPjLLE022lNMjib3urWqSUkH7ObL1GHCfvR5MezNfV2fS90rcMrntW4N8yS2u315LoKaUuDb0xK2tHlLEnVjfvyiERTYgFPRZe33Cx2zKb7DaEt0QNqJQIdC8Ofpegge0euChxyo757S7lQzhHDcidmNu1Og3bg39lcPqwYvURNb4vBRT6hvq9AtrZQbFduNTcWKzxU4jxZzo5ok5tDi1Frr91TJnk6BtWMuFAVNxvuGUe45u33Y8S6rwLGUph_6U-adhHCIAPNIGrYwyBXk0&c=aW_MqQxSS2qfjubozt4jRCn2kehvEs01TKmedUIyC2xQmLt3kV7aqw==&ch=tYYCV1pRjKotiwH-nd_nl58UjYskW6f_LAq-4rViKhenI-AEIKEQpg== HTTP 302
    https://give.virginiasalvationarmy.org/give/485836/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js
Request Chain 141
  • https://cm.everesttech.net/cm/dd?d_uuid=67672215586099229203786893713116184217 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZGN-PwAAAGBInQNn
Request Chain 178
  • https://tags.wdsvc.net/controller.js?id=100423 HTTP 302
  • https://tags.wdsvc.net/container.js?id=100423&v=4.10&t=1684242239707
Request Chain 227
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=8332250742818868887
Request Chain 234
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/980170053/?random=1631660222&cv=11&fst=1684242239286&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&label=x8c1CMjokmsQxeqw0wM&hn=www.googleadservices.com&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&value=0&auid=1357866923.1684242238&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=P39jZKLSFvKKmLAPzfSZwA8&sscte=1&crd=&eitems=ChAI8NOMowYQ7Yme_4qq3ecgEh0AAVRQQPk6gjVibofdtlmGAiTSjHUnT9w7sKWbsA&pscrd=Ek5DaEFJOE5PTW93WVFoclNaaEtpTzlic3NFaVlBbm5PQWwycGlCWTBiRG9wOXZ6N1FCUEV5bjZ2R3d2UHhpZWtlYmR6dHRrMm5DT0pYaUEaWkNoRUk4Tk9Nb3dZUXdfYWluc25qdnRMQ0FSSXVBRDRvOGpOZHhXWGMxRS1ZV3l3VmtldjdOY2hZWVctbVkyTzhJbkNvVzc0YzVsR2c2cE9iOGZvRkphUTVEUQ HTTP 302
  • https://www.google.com/pagead/1p-conversion/980170053/?random=1631660222&cv=11&fst=1684242239286&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&label=x8c1CMjokmsQxeqw0wM&hn=www.googleadservices.com&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&value=0&auid=1357866923.1684242238&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5PTW93WVFoclNaaEtpTzlic3NFaVlBbm5PQWwycGlCWTBiRG9wOXZ6N1FCUEV5bjZ2R3d2UHhpZWtlYmR6dHRrMm5DT0pYaUEaWkNoRUk4Tk9Nb3dZUXdfYWluc25qdnRMQ0FSSXVBRDRvOGpOZHhXWGMxRS1ZV3l3VmtldjdOY2hZWVctbVkyTzhJbkNvVzc0YzVsR2c2cE9iOGZvRkphUTVEUQ&is_vtc=1&ocp_id=P39jZKLSFvKKmLAPzfSZwA8&cid=CAQSKQBygQiDX3HR6gankLEyuR2CVGdq06YjI_QJ3VyoNUE6J99K_jK1GDFe&eitems=ChAI8NOMowYQ7Yme_4qq3ecgEh0AAVRQQKLXYgm5-smXK13M44aq-RlRUR8aL-B5lQ&random=2552232853 HTTP 302
  • https://www.google.de/pagead/1p-conversion/980170053/?random=1631660222&cv=11&fst=1684242239286&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&label=x8c1CMjokmsQxeqw0wM&hn=www.googleadservices.com&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&value=0&auid=1357866923.1684242238&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5PTW93WVFoclNaaEtpTzlic3NFaVlBbm5PQWwycGlCWTBiRG9wOXZ6N1FCUEV5bjZ2R3d2UHhpZWtlYmR6dHRrMm5DT0pYaUEaWkNoRUk4Tk9Nb3dZUXdfYWluc25qdnRMQ0FSSXVBRDRvOGpOZHhXWGMxRS1ZV3l3VmtldjdOY2hZWVctbVkyTzhJbkNvVzc0YzVsR2c2cE9iOGZvRkphUTVEUQ&is_vtc=1&ocp_id=P39jZKLSFvKKmLAPzfSZwA8&cid=CAQSKQBygQiDX3HR6gankLEyuR2CVGdq06YjI_QJ3VyoNUE6J99K_jK1GDFe&eitems=ChAI8NOMowYQ7Yme_4qq3ecgEh0AAVRQQKLXYgm5-smXK13M44aq-RlRUR8aL-B5lQ&random=2552232853&ipr=y&ezwbk=AZuM4hAb3GRi-z9R3N1HCTrnsKl4AqmVAjaPKtuqb18cjTw4eY1XkZq1l84yUcu_FdpXSD3h13i4uSWtsWLHQHzuD0sp
Request Chain 253
  • https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=FBmIARVLjVQPGtgAGxyTChRP2wQPTNwDFRhqIUvg
Request Chain 257
  • https://secure.adnxs.com/seg?add=31205707&t=1&cb=1684242239.565541 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31205707%26t%3D1%26cb%3D1684242239.565541
Request Chain 259
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827406829/?value=0&guid=ON&script=0&data=aam=19679484 HTTP 302
  • https://www.google.com/pagead/1p-user-list/827406829/?value=0&guid=ON&script=0&data=aam=19679484&is_vtc=1&random=2381495168 HTTP 302
  • https://www.google.de/pagead/1p-user-list/827406829/?value=0&guid=ON&script=0&data=aam=19679484&is_vtc=1&random=2381495168&ipr=y
Request Chain 276
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=67672215586099229203786893713116184217&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=
Request Chain 280
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkdOLVB3QUFBR0JJblFObg==
Request Chain 282
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZGN-PwAAAGBInQNn&expires=90
Request Chain 283
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGN-PwAAAGBInQNn HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGN-PwAAAGBInQNn&C=1
Request Chain 284
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=ZGN-PwAAAGBInQNn
Request Chain 285
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZGN-PwAAAGBInQNn
Request Chain 286
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZGN-PwAAAGBInQNn
Request Chain 316
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZGN-PwAAAGBInQNn&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZGN-PwAAAGBInQNn&img=1&__user_check__=1&sync_id=2097c0bd-f3ea-11ed-91f8-1a27ea400306
Request Chain 334
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZGN-PwAAAGBInQNn&t=2592000&o=0
Request Chain 335
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084925203682068&referrer=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23%21%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&forward= HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=77a592ec-a4d2-4aa1-8cf7-9259be821687%3A1684242239.5619214&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D77a592ec-a4d2-4aa1-8cf7-9259be821687%253A1684242239.5619214%26_%3D1684242241.4487467&cb=1684242241.4487839 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084925203682068&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D77a592ec-a4d2-4aa1-8cf7-9259be821687%253A1684242239.5619214%26_%3D1684242241.4487467 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=77a592ec-a4d2-4aa1-8cf7-9259be821687%3A1684242239.5619214&_=1684242241.4487467
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyNTIwMzY4MjA2OA==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEG6lLY331ajfMw6wunrocck&google_cver=1 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084925203682068&referrer={encSite}&forward= HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=77a592ec-a4d2-4aa1-8cf7-9259be821687%3A1684242239.5619214&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D77a592ec-a4d2-4aa1-8cf7-9259be821687%253A1684242239.5619214%26_%3D1684242241.6118073&cb=1684242241.611831 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084925203682068&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D77a592ec-a4d2-4aa1-8cf7-9259be821687%253A1684242239.5619214%26_%3D1684242241.6118073 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=77a592ec-a4d2-4aa1-8cf7-9259be821687%3A1684242239.5619214&_=1684242241.6118073
Request Chain 341
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=5140084925203682068&bid=omt9pi0
Request Chain 352
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=ZGN-PwAAAGBInQNn

360 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
give.virginiasalvationarmy.org/give/485836/
Redirect Chain
  • https://r20.rs6.net/tn.jsp?f=001uM0lb4q9GrwkSs0OGmZi-y6AW2YBiyGAq6xUfiBnxwLoge_RUceRpg6UL_qTGZCtqVAB1RdDnCm-nbsKa02KwKuPnoRyavJL7G2rj0tkCsvwGq8HbdlNARiUgSNiLNQhd1g6_sWmjLpyPjLLE022lNMjib3urWqSUkH7O...
  • https://give.virginiasalvationarmy.org/give/485836/
115 KB
33 KB
Document
General
Full URL
https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae5ae5f25752450fc87cf9705569e705ad790f712a9ede11a3fda4ce29561ded
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7c83d2d30cdf5c6e-FRA
content-encoding
br
content-security-policy
frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Tue, 16 May 2023 13:03:56 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection
close
Content-Length
0
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 16 May 2023 13:03:55 GMT
Location
https://give.virginiasalvationarmy.org/give/485836/#!/donation/checkout?utm_campaign=smg_monthly&utm_source=email&utm_medium=cc&utm_content=may_mostgood&c_src=23DMEEMORGCSD23NCA&c_src2=email
P3P
CP="CAO DSP TAIa OUR NOR UNI"
Pragma
no-cache
Server
Apache
main.css
prod-frs.content.classy.org/prod/18272/static/frs/
1 MB
141 KB
Stylesheet
General
Full URL
https://prod-frs.content.classy.org/prod/18272/static/frs/main.css
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
743400827279a748ff4e9c0760b9d878206351259383b9913183294f68bc2871
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
RXJE8WY6H211K9BK
age
47311
cf-polished
origSize=1111771
x-amz-server-side-encryption
AES256
x-amz-id-2
brk69whFC/EauY/TVoFZ36xiY7hWK368EzfnHyepewKLOy8NzjrMO54Whvq3lQmkRjkV5E9lKjU=
cf-bgj
minify
last-modified
Thu, 11 May 2023 18:46:45 GMT
server
cloudflare
etag
W/"699816fb5249a1fd21c0d75e7b4a14ee"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
7c83d2d8ffee1907-FRA
airgap.js
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/
107 KB
41 KB
Script
General
Full URL
https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4387132b080bafa8682f414e3a6b1acd40b7dc9f1d27b92fcedd916b45329855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 06:30:07 GMT
content-encoding
br
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
referrer-policy
strict-origin-when-cross-origin
server
CloudFront
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P2
age
23629
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-amz-cf-id
5q3DBBtwapVhST4H4s11SvdTuzfhqvc5ryEugK0YKcjWx0x2P9vR6w==
x-xss-protection
1; mode=block
rocket-loader.min.js
give.virginiasalvationarmy.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://give.virginiasalvationarmy.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/give/485836/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 12 May 2023 14:04:08 GMT
server
cloudflare
content-encoding
gzip
etag
W/"645e4758-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7c83d2d95c875c6e-FRA
expires
Thu, 18 May 2023 13:03:56 GMT
v52afc6f149f6479b8c77fa569edb01181681764108816
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer
https://give.virginiasalvationarmy.org/
Origin
https://give.virginiasalvationarmy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:56 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 20:41:48 GMT
server
cloudflare
etag
W/2023.4.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7c83d2d9fcad92a2-FRA
ui.js
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/
265 KB
77 KB
Script
General
Full URL
https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5f80e8b2ce49cb4e240c2b130bef7e61f4f2771decb22a67139908f827f73a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://give.virginiasalvationarmy.org/
Origin
https://give.virginiasalvationarmy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
_.oy8wTzJyPsvnrgZjIZZgYOWMVhAxRr
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
date
Mon, 15 May 2023 20:59:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P2
age
57872
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
inline
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 08 May 2023 20:48:55 GMT
server
AmazonS3
etag
W/"a1bc3e8b43f5d659e1f3fa5dc3b08893-1"
x-frame-options
SAMEORIGIN
access-control-max-age
3600
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=60,s-maxage=86400
vary
Accept-Encoding
x-amz-cf-id
AE-XcBhyWj_MYoqr7qD6xbDUJv-99MYQknxG1ZCdr7bX_ObHeSJ82Q==
onetrustConsent-1539020710655.js
prod-frs.content.classy.org/prod/18272/static/onetrust/
50 KB
12 KB
Script
General
Full URL
https://prod-frs.content.classy.org/prod/18272/static/onetrust/onetrustConsent-1539020710655.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
65ZFFJJP2647DKHP
age
46718
cf-polished
origSize=54583
x-amz-server-side-encryption
AES256
x-amz-id-2
wuS0OE97kG/910gZ9R9Ia4/G1XN/KrZA35CAvDp23qTkuEQewlYq8f5Eu5RQLR2AUGoFS0/70F2IoyeirE8YIg==
cf-bgj
minify
last-modified
Thu, 11 May 2023 18:46:46 GMT
server
cloudflare
etag
W/"64c3a4446a1c238c4df7f2db78163772"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7c83d2da39651907-FRA
iframe-v3.min.js
htp.tokenex.com/iframe/
18 KB
5 KB
Script
General
Full URL
https://htp.tokenex.com/iframe/iframe-v3.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9e7d595f9089209fce023a961d31ea386f600d32a44094e000d830bc7bdd4e6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 13:03:56 GMT
last-modified
Tue, 27 Dec 2022 16:48:20 GMT
etag
"0a2816131ad91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
4568
x-xss-protection
1; mode=block
paypal-js.legacy.min.js
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/
7 KB
3 KB
Script
General
Full URL
https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:56 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
12457254
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GMZ2CRQS59VZE35ZP316CZV0-fra
server
cloudflare
etag
W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c83d2daa9302bd6-FRA
module.min.js
prod-frs.content.classy.org/prod/18272/static/frs/donation/
182 KB
37 KB
Script
General
Full URL
https://prod-frs.content.classy.org/prod/18272/static/frs/donation/module.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee355326792798f103e98de1800885cb089b9015ec830f9b5f54d1de51e3230c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 May 2023 18:46:45 GMT
server
cloudflare
x-amz-request-id
YAY479CQVM6KTVHZ
age
47311
etag
W/"860739e5dda59d4fee4a738e6b582729"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7c83d2da39661907-FRA
x-amz-id-2
FhFkBX432trr+56zbTV4rhM6k2rmgHhsnRHiojglMWNER3sUU+51YD1sMnwreuReTgDHZyaWDHM=
module.min.js
prod-frs.content.classy.org/prod/18272/static/global/
2 MB
377 KB
Script
General
Full URL
https://prod-frs.content.classy.org/prod/18272/static/global/module.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7c34824d9d89e5f0cf26c803ee530c9c58f53dcd00a7da8448285105d86d9af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 May 2023 18:46:46 GMT
server
cloudflare
x-amz-request-id
XGDDK4NMFSPESSBP
age
47344
etag
W/"2a1eeb2c047787f4090a075756546dc3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7c83d2da39681907-FRA
x-amz-id-2
bsgNC7FI6/FmMX6U31irDlbsu0kGeV38TEVYNjfaSr/oAQjP5cpfpdrfH12Q6AZxVFM2ANfYJtM=
libs.min.js
prod-frs.content.classy.org/prod/18272/static/global/
1 MB
430 KB
Script
General
Full URL
https://prod-frs.content.classy.org/prod/18272/static/global/libs.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 May 2023 18:46:46 GMT
server
cloudflare
x-amz-request-id
XGDERBSF2XYN82VA
age
47344
etag
W/"772e1301b871cc2545926cb86ee5965f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7c83d2da396b1907-FRA
x-amz-id-2
tJUwkm/67ohO084LuyXmlqrxHLbHCo9HLaAeaAc3Zr69JOv0dWW19OGYgQx3WB0Cv7KVcgmNEpM=
braintree.js
js.braintreegateway.com/v2/
175 KB
50 KB
Script
General
Full URL
https://js.braintreegateway.com/v2/braintree.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-109.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
2f57fab97c15bf3519176fcd494f12d36d24ca3d761a787a1e66a1058bc6b30f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 11:57:41 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 09 May 2023 22:11:18 GMT
server
nginx
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"645ac506-2bc3c"
age
3975
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
YsKkmyTN1G3K8kW5Pr_Y2gE495-ep7V1yhMlkMcQXCGmQKxSTAlcxg==
expires
Wed, 17 May 2023 11:57:41 GMT
link-initialize.js
cdn.plaid.com/link/v2/stable/
143 KB
45 KB
Script
General
Full URL
https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec234d20baef61dfd0c13ad5e4d6c8b2f46066e08fb0df08a6d1bd426b302fde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 22:41:13 GMT
x-amz-version-id
_8.TXpTOWgaAGC4AksntP.Woa598bAl1
content-encoding
gzip
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
x-amz-request-id
WV562CZR24RR15R4
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
age
51763
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-id-2
ZSV5YJn7b9zM5FZjfTTXQWOKyjCMlPZiaNI2RCW0/I7KbzUWJ4IuHIYzbEimo7zRkpHzkmIJ0cU=
last-modified
Mon, 15 May 2023 21:13:55 GMT
server
AmazonS3
etag
W/"bfcd75f9548de032881ba5e1695e1667"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,must-revalidate,max-age=0
x-amz-cf-id
KZMtDUsajvzTon9O5PauDbLHxDIb6zVQ5yUf3NkQCvSv7XhttDceIg==
/
js.stripe.com/v3/
471 KB
113 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0607447000f16c51d52b2ffdc6b9ab1ba6227b825d9296170120476d463c6f22
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 16 May 2023 13:03:36 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
20
x-cache
Hit from cloudfront
last-modified
Mon, 15 May 2023 20:32:58 GMT
server
Cloudfront
etag
W/"75e11db97090971530d16eeed95ca91e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
Syrvqf4UajzwVubDowAG99LhQ7f9x4AUlsj-VgwolGFBrX5GE-8omA==
cm.css
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/
15 KB
4 KB
Stylesheet
General
Full URL
https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67042ecb09a9f201dd298c4bb1b29f3493f5028b181e03792bc5c18c626e6b3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
5ZWPHux37puHknNuE7A9FLKCqt6892GF
content-encoding
gzip
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
date
Mon, 15 May 2023 23:56:52 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P2
age
47225
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
inline
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 08 May 2023 20:48:55 GMT
server
AmazonS3
etag
W/"f9f84c5e024c8b62d194983e6f1df398-1"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=60,s-maxage=86400
x-amz-cf-id
PvF4Gg8Ui8WxVjUj2ihdQ_E6F3nZxh11PqC0qBtumt7HnCkrJ7YBvA==
en.json
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/
6 KB
2 KB
Fetch
General
Full URL
https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b725f037fc61599399da5afafd3a830d2a3534ef6299a6b52dac4bc100c2b93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
ntf4RZ5hMFYAgZHavjjZ.1JYuSAXnfzN
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
date
Tue, 16 May 2023 00:00:58 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P2
age
46979
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
inline
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 08 May 2023 20:48:55 GMT
server
AmazonS3
etag
W/"c348bcd3a78347b1a86a6b1d42b20296-1"
x-frame-options
SAMEORIGIN
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=60,s-maxage=86400
vary
Accept-Encoding
x-amz-cf-id
uF6AfLjaX3B-pP9g-m5-DEsDSHsIHGpWVMDDH203fuiYpGnEQAEfVA==
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 12:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1697
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 16 May 2023 14:35:39 GMT
/
sessions.bugsnag.com/ Frame
0
0
Preflight
General
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://give.virginiasalvationarmy.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 16 May 2023 13:03:57 GMT
via
1.1 google
/
sessions.bugsnag.com/
21 B
140 B
XHR
General
Full URL
https://sessions.bugsnag.com/
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1.0
Referer
https://give.virginiasalvationarmy.org/
Bugsnag-Sent-At
2023-05-16T13:03:57.009Z
accept-language
de-DE,de;q=0.9
Bugsnag-Api-Key
ed2f4223afa43ef4870a151ab82d1ac6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 16 May 2023 13:03:57 GMT
via
1.1 google
bugsnag-session-uuid
5c392f9d-3be5-49ed-bb35-32300a6b11e6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
gtm.js
www.googletagmanager.com/
611 KB
161 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PMXWH57
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0e04617d46dd15fec0ae662afdc7d6bd0824eb9313b0c0fbe7552b9a7cd5956d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164032
x-xss-protection
0
last-modified
Tue, 16 May 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 May 2023 13:03:57 GMT
sdk.js
give.virginiasalvationarmy.org/sso/
13 KB
4 KB
Script
General
Full URL
https://give.virginiasalvationarmy.org/sso/sdk.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d44d5b965d360cd9c8e2fdc4d06e115266a1fbcac34f1b511395e4f9059577a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/give/485836/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 May 2023 12:47:53 GMT
cf-bgj
minify
server
cloudflare
age
964
cf-polished
origSize=25154
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=1200
cf-ray
7c83d2dd68fa5c6e-FRA
expires
Tue, 16 May 2023 13:07:53 GMT
jquery-3.6.1.min.js
code.jquery.com/
88 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer
https://give.virginiasalvationarmy.org/
Origin
https://give.virginiasalvationarmy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
content-encoding
gzip
last-modified
Fri, 26 Aug 2022 17:36:05 GMT
server
nginx
etag
W/"63090485-15e40"
vary
Accept-Encoding
x-hw
1684242237.dop007.fr8.t,1684242237.cds283.fr8.hn,1684242237.cds258.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30957
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 0C82
200 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.virginiasalvationarmy.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
359
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 16 May 2023 12:57:58 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Thu, 11 May 2023 20:01:43 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-id
BrqH167MPQjBUL2xSj0dun7XtqeOEioQFvlRqFRzOpNd1ogSg3Nesg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
async-api.ad3273bd-1.232.0.min.js
js-agent.newrelic.com/
3 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/async-api.ad3273bd-1.232.0.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
OjwEEoZjF9pbnlt.Cg9dV5pJF0e7Bjo3
content-encoding
gzip
via
1.1 varnish
date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=300
x-amz-request-id
2HV6J6QHFFESHJRR
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1353
x-amz-id-2
BXEPYmEflhh8Vht8sn9Q1DUjjjCdyno/0vK0P4vna65JsDaTt7F35BfMmDx7zQLw8OCOg9e2TFA=
x-served-by
cache-fra-etou8220059-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684242237.287740,VS0,VE0
etag
"d7011e3a3501d54c9be8929572a18598"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5144
session-manager.2a8d47d1-1.232.0.min.js
js-agent.newrelic.com/
15 KB
6 KB
Script
General
Full URL
https://js-agent.newrelic.com/session-manager.2a8d47d1-1.232.0.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
D9U.McFOdEj4dYMN5VJBUueQRx486Iwz
content-encoding
gzip
via
1.1 varnish
date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=300
x-amz-request-id
33YC9JCZQM6STQJG
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5781
x-amz-id-2
MFfb7MGqGrqmfqqSXBRxyB8p3seuC8FOIGAdlP3GdJhGKDscVqHW57p863nKhRGgnkRzZizmvC4=
x-served-by
cache-fra-etou8220059-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684242237.287764,VS0,VE0
etag
"e42e9b9282d7865427c32ad60eea44b4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3204
optanon.css
prod-frs.content.classy.org/prod/18272/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/
22 KB
6 KB
Stylesheet
General
Full URL
https://prod-frs.content.classy.org/prod/18272/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/optanon.css
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
Y6DGCNMJ84Q7Q4SH
age
46718
cf-polished
origSize=22581
x-amz-server-side-encryption
AES256
x-amz-id-2
Fw/eiLjxI8QNOfOfuDMEvekcRenBQN478YbxEP+x8g4LRapKrBk/d2zo5tBSHXi636qQhSQFovfRUMwphlN64GXC1vhEtKEWFpNkvIofVfE=
cf-bgj
minify
last-modified
Thu, 11 May 2023 18:46:46 GMT
server
cloudflare
etag
W/"5ec3a032a0370bd8e3f63adf430b4617"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
7c83d2de1ddd1907-FRA
EU
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/
32 B
183 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery32105621363941671711_1684242236875&_=1684242236876
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
7c83d2df1ee63838-FRA
content-length
32
vary
Accept-Encoding
content-type
text/javascript
widgets.js
platform.twitter.com/
91 KB
27 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
27630
x-served-by
cache-iad-kiad7000096-IAD, cache-fra-etou8220060-FRA
last-modified
Tue, 24 Jan 2023 21:41:51 GMT
etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
tw-cdn
FT
iframe_api
www.youtube.com/
1 KB
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ce9c18a953a2eeb6d5efef7d4c04f4d73b055d3789152cbf42bd1b4dfd7e167b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 16 May 2023 13:03:57 GMT
heap-1566116007.js
cdn.heapanalytics.com/js/
122 KB
39 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-1566116007.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-86.fra56.r.cloudfront.net
Software
nginx / Express
Resource Hash
d3e776173afd35688e9c815151f676b6f2b537da0d1a728287826d539186fc45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:02:26 GMT
content-encoding
br
via
1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
FRA56-C2
age
91
x-powered-by
Express
etag
W/"1e701-As5XZ+6VshPli58EJrdmBpTGeBQ"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
vOb5zEpBA9I9iS6XryFxao8jToXMv0qpxCOIlra1cWB9RRqKJceCgg==
rum
give.virginiasalvationarmy.org/cdn-cgi/
0
152 B
XHR
General
Full URL
https://give.virginiasalvationarmy.org/cdn-cgi/rum?
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
tracestate
423787@nr=0-1-423787-363751183-f2c8f87f02b9a74e----1684242237461
traceparent
00-fbddf3b25c7a6ed70678664cb3a41f00-f2c8f87f02b9a74e-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmMmM4Zjg3ZjAyYjlhNzRlIiwidHIiOiJmYmRkZjNiMjVjN2E2ZWQ3MDY3ODY2NGNiM2E0MWYwMCIsInRpIjoxNjg0MjQyMjM3NDYxfX0=
content-type
application/json
Referer
https://give.virginiasalvationarmy.org/give/485836/

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://give.virginiasalvationarmy.org
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7c83d2e03bd95c6e-FRA
market-data
give.virginiasalvationarmy.org/frs-api/crypto-giving/BTC/USD/
35 B
131 B
XHR
General
Full URL
https://give.virginiasalvationarmy.org/frs-api/crypto-giving/BTC/USD/market-data
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d886aab53efdd3aa1a92b59cd24b3e11aab1f5f2477acbde37d50044cd11af2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
WX9jFWit-d9cmDp0uQhjdjs2zbm4150VFWWI
tracestate
423787@nr=0-1-423787-363751183-7be0fabf72eb1d5b----1684242237550
traceparent
00-9db1c25b6a2643408e9ba23cf31f5f00-7be0fabf72eb1d5b-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3YmUwZmFiZjcyZWIxZDViIiwidHIiOiI5ZGIxYzI1YjZhMjY0MzQwOGU5YmEyM2NmMzFmNWYwMCIsInRpIjoxNjg0MjQyMjM3NTUwfX0=
Accept
application/json, text/plain, */*
csrf-token
WX9jFWit-d9cmDp0uQhjdjs2zbm4150VFWWI
Referer
https://give.virginiasalvationarmy.org/give/485836/

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"23-RHkJRkLI3Zz7xpq6AqpGvvii21Y"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cf-ray
7c83d2e0cc885c6e-FRA
content-length
35
tax-entities
give.virginiasalvationarmy.org/frs-api/organizations/50872/
397 B
317 B
XHR
General
Full URL
https://give.virginiasalvationarmy.org/frs-api/organizations/50872/tax-entities
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
662b73b18b811de384591b752e56a6f85f053043a97fe1634d61c4636072d77d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
WX9jFWit-d9cmDp0uQhjdjs2zbm4150VFWWI
tracestate
423787@nr=0-1-423787-363751183-d9797d3364649e1a----1684242237553
traceparent
00-56af4b956e43243b88e5ac5052b42b00-d9797d3364649e1a-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJkOTc5N2QzMzY0NjQ5ZTFhIiwidHIiOiI1NmFmNGI5NTZlNDMyNDNiODhlNWFjNTA1MmI0MmIwMCIsInRpIjoxNjg0MjQyMjM3NTUzfX0=
Accept
application/json, text/plain, */*
csrf-token
WX9jFWit-d9cmDp0uQhjdjs2zbm4150VFWWI
Referer
https://give.virginiasalvationarmy.org/give/485836/

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
etag
W/"18d-ioMAG47a6RnnOxZC8BDInwezN48"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7c83d2e0cc8b5c6e-FRA
ach-account-routing
give.virginiasalvationarmy.org/frs-api/organizations/50872/
33 B
190 B
XHR
General
Full URL
https://give.virginiasalvationarmy.org/frs-api/organizations/50872/ach-account-routing
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
WX9jFWit-d9cmDp0uQhjdjs2zbm4150VFWWI
tracestate
423787@nr=0-1-423787-363751183-e3f4dc41742d1a14----1684242237555
traceparent
00-b980b1d4d0dff1f97879d3b07a76f900-e3f4dc41742d1a14-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJlM2Y0ZGM0MTc0MmQxYTE0IiwidHIiOiJiOTgwYjFkNGQwZGZmMWY5Nzg3OWQzYjA3YTc2ZjkwMCIsInRpIjoxNjg0MjQyMjM3NTU1fX0=
Accept
application/json, text/plain, */*
csrf-token
WX9jFWit-d9cmDp0uQhjdjs2zbm4150VFWWI
Referer
https://give.virginiasalvationarmy.org/give/485836/

Response headers

date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7c83d2e0cc8c5c6e-FRA
content-length
33
braintree
pay.classy.org/token/
3 KB
3 KB
XHR
General
Full URL
https://pay.classy.org/token/braintree?applicationId=8263&currency=USD
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
036c946861b1139188b23701869a760a86f28e57519a5c586274c02ab1549d42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-classypay-version
1
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-classypay-requestid
e3ac4a7b-2b6c-4560-9614-7a84a9183ffc
cf-ray
7c83d2e2dd9a928d-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
plaid
pay.classy.org/token/
88 B
588 B
XHR
General
Full URL
https://pay.classy.org/token/plaid?applicationId=8263&currency=USD
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-classypay-version
1
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-classypay-requestid
5b8dc389-31b4-44c5-b90b-255eca197688
cf-ray
7c83d2e2dd9c928d-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
designations
give.virginiasalvationarmy.org/frs-api/campaign/485836/
1 KB
810 B
XHR
General
Full URL
https://give.virginiasalvationarmy.org/frs-api/campaign/485836/designations?per_page=100
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3122174b8023e953b9111a90d35f42995df47f9dc138a32e44e284efc64ab77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
WX9jFWit-d9cmDp0uQhjdjs2zbm4150VFWWI
tracestate
423787@nr=0-1-423787-363751183-641aa7611a031683----1684242237717
traceparent
00-680db91e4d6301e6a67db5528b4b5000-641aa7611a031683-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2NDFhYTc2MTFhMDMxNjgzIiwidHIiOiI2ODBkYjkxZTRkNjMwMWU2YTY3ZGI1NTI4YjRiNTAwMCIsInRpIjoxNjg0MjQyMjM3NzE3fX0=
Accept
application/json, text/plain, */*
csrf-token
WX9jFWit-d9cmDp0uQhjdjs2zbm4150VFWWI
Referer
https://give.virginiasalvationarmy.org/give/485836/

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
etag
W/"484-OXV2uXl8uUkk9cDwSc42TfHrLss"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7c83d2e1cdb05c6e-FRA
designations
give.virginiasalvationarmy.org/frs-api/campaigns/485836/
1 KB
636 B
XHR
General
Full URL
https://give.virginiasalvationarmy.org/frs-api/campaigns/485836/designations?filter=id%3D67905
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fb6f7ec43a14319ab082b3d4ce3c97b80c7cb66a0d4c55b3fd0e8a4645ca050
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
WX9jFWit-d9cmDp0uQhjdjs2zbm4150VFWWI
tracestate
423787@nr=0-1-423787-363751183-9c2cc0f6bbd2c514----1684242237719
traceparent
00-5755a9e78a26fa47614ecc9f6a4b7900-9c2cc0f6bbd2c514-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5YzJjYzBmNmJiZDJjNTE0IiwidHIiOiI1NzU1YTllNzhhMjZmYTQ3NjE0ZWNjOWY2YTRiNzkwMCIsInRpIjoxNjg0MjQyMjM3NzE5fX0=
Accept
application/json, text/plain, */*
csrf-token
WX9jFWit-d9cmDp0uQhjdjs2zbm4150VFWWI
Referer
https://give.virginiasalvationarmy.org/give/485836/

Response headers

date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
etag
W/"47d-U7SctHx+zbd7zi6Bi7cH4SOhqOc"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7c83d2e1ddb55c6e-FRA
currency-conversions
give.virginiasalvationarmy.org/frs-api/i18n/
75 B
208 B
XHR
General
Full URL
https://give.virginiasalvationarmy.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5695fbe7187b04a80233bc08242242346eb7b61e327712f6bf5198d5322f569
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
WX9jFWit-d9cmDp0uQhjdjs2zbm4150VFWWI
tracestate
423787@nr=0-1-423787-363751183-09fe7f285b4fd75c----1684242237832
traceparent
00-5649934d11c42be0c29ee97674339100-09fe7f285b4fd75c-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIwOWZlN2YyODViNGZkNzVjIiwidHIiOiI1NjQ5OTM0ZDExYzQyYmUwYzI5ZWU5NzY3NDMzOTEwMCIsInRpIjoxNjg0MjQyMjM3ODMyfX0=
Accept
application/json, text/plain, */*
csrf-token
WX9jFWit-d9cmDp0uQhjdjs2zbm4150VFWWI
Referer
https://give.virginiasalvationarmy.org/give/485836/

Response headers

date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
etag
W/"4b-Tserxwl73RtPMxoKML4Zx8Syioc"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7c83d2e28e845c6e-FRA
braintree
pay.classy.org/token/
3 KB
3 KB
XHR
General
Full URL
https://pay.classy.org/token/braintree?applicationId=8263&currency=EUR
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96964a152615d8455bbac7c9527520b00bb2c14ace438180323067d25eef74f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-classypay-version
1
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-classypay-requestid
49e8b76f-3305-49b9-b971-819098492e2f
cf-ray
7c83d2e2dd9e928d-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
user-icon.png
give.virginiasalvationarmy.org/static/global/images/
2 KB
3 KB
Image
General
Full URL
https://give.virginiasalvationarmy.org/static/global/images/user-icon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/give/485836/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
586199
cf-polished
origFmt=png, origSize=4588
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=4Wxss.ffn6WMPOhAiLHMJwmG6lEPL_R3wcqjrIFhCMM-1684242237-0-AcUxeGjFrECZQ9Ha_wd-BWvLwb3SwHrnyvS_cq0hjK468JaARlRqDcForMYidC9EbGAJdWnYpM4A0J2hvvRNSkRSYq-Jz_unIDA0ugZEpCpakx43LMm2oH90cfR0xP-MwLqL_G6uxRkEFeUM4ZeudKiGKS1QxZkJ1YBzVQpLOVpk; report-to cf-csp-endpoint
content-disposition
inline; filename="user-icon.webp"
content-length
2024
last-modified
Mon, 24 Apr 2023 22:06:44 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"6446fd74-11ec"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=4Wxss.ffn6WMPOhAiLHMJwmG6lEPL_R3wcqjrIFhCMM-1684242237-0-AcUxeGjFrECZQ9Ha_wd-BWvLwb3SwHrnyvS_cq0hjK468JaARlRqDcForMYidC9EbGAJdWnYpM4A0J2hvvRNSkRSYq-Jz_unIDA0ugZEpCpakx43LMm2oH90cfR0xP-MwLqL_G6uxRkEFeUM4ZeudKiGKS1QxZkJ1YBzVQpLOVpk"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7c83d2e29e935c6e-FRA
expires
Wed, 08 May 2024 18:13:58 GMT
a1294e68-ed1d-11ea-afa7-0ee030372895.jpg
assets.classy.org/6636092/
40 KB
40 KB
Image
General
Full URL
https://assets.classy.org/6636092/a1294e68-ed1d-11ea-afa7-0ee030372895.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1894eb39d9509920da5e997893fbf884b9e800008b3e0d3962eac0b1cd8eff36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
L9YrvpJJ53yktQwXMGrtGBESWBr_z2S4
age
1023426
x-amz-cf-pop
FRA6-C1
cf-polished
qual=85, origFmt=jpeg, origSize=641572
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
content-disposition
inline; filename="a1294e68-ed1d-11ea-afa7-0ee030372895.webp"
content-length
40898
last-modified
Wed, 02 Sep 2020 13:10:12 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"1e07703320243e370330520e90bcbae1"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
7c83d2e2baab1907-FRA
x-amz-cf-id
PVAZBBkxcRRRS7xVYtxnYo0NDPMpVNy6xRFbBE3zbzoxfDx05f7RGw==
867f59aa-d7ac-11ed-9090-0ebc5ffbcef3.jpg
assets.classy.org/10110876/
2 MB
2 MB
Image
General
Full URL
https://assets.classy.org/10110876/867f59aa-d7ac-11ed-9090-0ebc5ffbcef3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2461dfa543477f00bbd6f1cb1ac2d53d1b8816c3da3913673f95cef5f7fca5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-version-id
bFVDS2Y1LxMOORrPnOr0itcgQPCGxt6m
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
1696093
last-modified
Mon, 10 Apr 2023 14:32:33 GMT
server
cloudflare
etag
"3140f130e58e484a028e20bb2853f92b"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
7c83d2e2baac1907-FRA
x-amz-cf-id
FdtAeLli_93pcs5-YRXNX3mpFXVZSkFNN5zi84M9Lm-xJxdq11Kn-g==
logo-paypal.svg
give.virginiasalvationarmy.org/static/global/images/payments/
4 KB
3 KB
Image
General
Full URL
https://give.virginiasalvationarmy.org/static/global/images/payments/logo-paypal.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
655fc56e3d81e573cdddfd666426b797ac6031526d792ab9f4622894f7fa9031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/give/485836/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 11 May 2023 18:42:08 GMT
server
cloudflare
etag
W/"645d3700-1042"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7c83d2e29e945c6e-FRA
expires
Wed, 15 May 2024 13:03:58 GMT
crypto-giving-coin-bitcoin.svg
prod-frs.content.classy.org/prod/18272/static/global/images/crypto-giving/
1 KB
946 B
Image
General
Full URL
https://prod-frs.content.classy.org/prod/18272/static/global/images/crypto-giving/crypto-giving-coin-bitcoin.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 May 2023 18:46:46 GMT
server
cloudflare
x-amz-request-id
K3ME56PJYAX98M3W
age
47236
etag
W/"2861fb7a07b041686ba6360cf7908e28"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
7c83d2e29a8e1907-FRA
x-amz-id-2
DgOvHEAGkQ7XYT7PYfJY9rKpMuSA5xN9SV5fFxCQGUKwnHvqBAyUZmfMjEWwNc06/kb9xvSK4K59SXTK/lT54paZn0Oxp3LPfZdSpjmmlb0=
crypto-giving-coin-ethereum.svg
prod-frs.content.classy.org/prod/18272/static/global/images/crypto-giving/
545 B
433 B
Image
General
Full URL
https://prod-frs.content.classy.org/prod/18272/static/global/images/crypto-giving/crypto-giving-coin-ethereum.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 May 2023 18:46:46 GMT
server
cloudflare
x-amz-request-id
K3M8BHJJX7GVFS49
age
47236
etag
W/"c8896ba26efa2a5d9aa1659b4aef1f00"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
7c83d2e29a901907-FRA
x-amz-id-2
M8UgArdJA/2W/69DI+me6jcK2s7fKJqTKZ3waMcPA9wZrnB3tEk4HkSbmhJrY4ZlpA5Gl2X4Cjgf4f15Ju11aA==
crypto-giving-coin-usdc.svg
prod-frs.content.classy.org/prod/18272/static/global/images/crypto-giving/
2 KB
1 KB
Image
General
Full URL
https://prod-frs.content.classy.org/prod/18272/static/global/images/crypto-giving/crypto-giving-coin-usdc.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 May 2023 18:46:46 GMT
server
cloudflare
x-amz-request-id
K3M1RDZFD84YQZJZ
age
47236
etag
W/"120e9a5c0d8ae8e313213cbb2284cafe"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
7c83d2e29a931907-FRA
x-amz-id-2
kDGXnm7X31rjbjlYNHl07DWfUgMjA7LhZ98skt4V6MumhHisAfH78tp1vRXXamRdqIRcRjnLSYV15/t2/L1I1/RNjsnOG/jA4JR0ONljIO4=
crypto-giving-arrows.svg
prod-frs.content.classy.org/prod/18272/static/global/images/crypto-giving/
453 B
511 B
Image
General
Full URL
https://prod-frs.content.classy.org/prod/18272/static/global/images/crypto-giving/crypto-giving-arrows.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 May 2023 18:46:46 GMT
server
cloudflare
x-amz-request-id
K3MDJD5WRS82BZN7
age
47236
etag
W/"332ba480e7dc5a9687ededc7c4333e80"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
7c83d2e29a941907-FRA
x-amz-id-2
zdVlLbmojaUVfIjgka4e6ExsRK/fv+b6SdtGGstOWIK4zQHD7syCPAtsloAQzkO65UCYAc3CTd3BetdXcKUAyoiCb8OxfBZBe4hjq/o/Crc=
95b04d70-e2cf-11ed-8883-0ab7aaa9b05d.png
assets.classy.org/10110876/
4 KB
4 KB
Image
General
Full URL
https://assets.classy.org/10110876/95b04d70-e2cf-11ed-8883-0ab7aaa9b05d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d2623ce99291eaf91d54260dbde0f3d5cd635419df45ed8c656e269660e99d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 254481445d8132fe5e910798564f6684.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-version-id
aA.otoFgR1AtLWt6eEVvm8Xeih3rTfH5
x-amz-cf-pop
ATL58-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
4313
last-modified
Mon, 24 Apr 2023 18:41:13 GMT
server
cloudflare
etag
"02287b12d48249810cf66f0d1bbd7795"
vary
Accept-Encoding
content-type
image/png
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
7c83d2e2baae1907-FRA
x-amz-cf-id
WTDcsc9g8QSoW7wEiSYP3KWcvAz-3PK54eS86rf52AweJovG5ROSHw==
dropdown-caret.png
prod-frs.content.classy.org/prod/18272/static/global/images/
394 B
714 B
Image
General
Full URL
https://prod-frs.content.classy.org/prod/18272/static/global/images/dropdown-caret.png
Requested by
Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/18272/static/frs/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prod-frs.content.classy.org/prod/18272/static/frs/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-amz-request-id
K3ME67A80XSBK3D3
age
47236
cf-polished
origFmt=png, origSize=547
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="dropdown-caret.webp"
content-length
394
x-amz-id-2
SKu1m0ye4oJdcnOqEGstKYAXb1JA7g+e/on6i2E7r/bBBreJGKbDWpMXBZWaVAtswzq/C92pnXqbt2TZwwBQNEPV5ERdfPS6qYfJ7boI/xM=
cf-bgj
imgq:85,h2pri
last-modified
Thu, 11 May 2023 18:46:46 GMT
server
cloudflare
etag
"43da60879cfe0801ed7fc830a628885c"
vary
Accept
content-type
image/webp
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7c83d2e29a991907-FRA
ClassyIcons.woff
prod-frs.content.classy.org/prod/18272/static/global/fonts/
42 KB
43 KB
Font
General
Full URL
https://prod-frs.content.classy.org/prod/18272/static/global/fonts/ClassyIcons.woff
Requested by
Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/18272/static/frs/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2291a09f97aa5abbac3745131d1420ca48172b1990ee6975c9d2f38046af4bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://prod-frs.content.classy.org/prod/18272/static/frs/main.css
Origin
https://give.virginiasalvationarmy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-amz-request-id
T9KZRJZ8TZ8TW9XA
age
15113
x-amz-server-side-encryption
AES256
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=St3gcSqdZc1WlxRnu5aWfpaa91tNKxDEIz9HrpST3h4-1684242237-0-AXck1JBbzA6meYv-YfKhSPtvDK2kF7gt6IhLMLclf6ez9YWWSG9W7tdzmA6PPELT5fKqLdOCpoZ4wr-qW08bHbrldK6xLgM-JI1ATNhGug4H5IHq_a-UvFnkD0Gss3-oYWa2Ny-_yP0y_YLrj2jUQQPgAtLvTFzxwnMkt-nUSUPO; report-to cf-csp-endpoint
content-length
43184
x-amz-id-2
B116fIp6nU5oTq1n7Fe+NpY3RAVF4oksGJU+wk4tQmeXEY03CLMsJqRjrXCoHlNx43qhu0OUd9o=
last-modified
Thu, 11 May 2023 18:46:46 GMT
server
cloudflare
etag
"2ace42b8e5a115e00d04466ba998fb88"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
application/x-font-woff
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=St3gcSqdZc1WlxRnu5aWfpaa91tNKxDEIz9HrpST3h4-1684242237-0-AXck1JBbzA6meYv-YfKhSPtvDK2kF7gt6IhLMLclf6ez9YWWSG9W7tdzmA6PPELT5fKqLdOCpoZ4wr-qW08bHbrldK6xLgM-JI1ATNhGug4H5IHq_a-UvFnkD0Gss3-oYWa2Ny-_yP0y_YLrj2jUQQPgAtLvTFzxwnMkt-nUSUPO"}],"group":"cf-csp-endpoint","max_age":86400}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7c83d2e2fd813828-FRA
fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/18272/static/fonts/
65 KB
66 KB
Font
General
Full URL
https://prod-frs.content.classy.org/prod/18272/static/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/18272/static/frs/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://prod-frs.content.classy.org/prod/18272/static/frs/main.css
Origin
https://give.virginiasalvationarmy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-amz-request-id
T9KPNZCPCCBB2Y0T
age
15113
x-amz-server-side-encryption
AES256
content-length
66624
x-amz-id-2
NkNmnv0U6/ccLbsqXYJs+7u9BLs57oLBPfUghymSr75SraEg/kLsZ2kn3BqdUEjx1C242mFJE9I=
last-modified
Thu, 11 May 2023 18:46:45 GMT
server
cloudflare
etag
"db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7c83d2e2fd823828-FRA
rum
give.virginiasalvationarmy.org/cdn-cgi/
0
37 B
XHR
General
Full URL
https://give.virginiasalvationarmy.org/cdn-cgi/rum?
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
tracestate
423787@nr=0-1-423787-363751183-58a946b757ee6313----1684242237964
traceparent
00-76da47b49480c282b73d4d082bb61600-58a946b757ee6313-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI1OGE5NDZiNzU3ZWU2MzEzIiwidHIiOiI3NmRhNDdiNDk0ODBjMjgyYjczZDRkMDgyYmI2MTYwMCIsInRpIjoxNjg0MjQyMjM3OTY0fX0=
content-type
application/json
Referer
https://give.virginiasalvationarmy.org/give/485836/

Response headers

date
Tue, 16 May 2023 13:03:57 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://give.virginiasalvationarmy.org
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7c83d2e35f6a5c6e-FRA
fbevents.js
connect.facebook.net/en_US/
106 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 16 May 2023 13:03:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27538
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
9tBeIQhk/+XoOK9dlTYv9fWm+U2VoHCCiVU3A/7w/q50hid4x01078VejQu9Vul31o/5Hufh97h3sCABNrvaTQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), hid=(), midi=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
53269878d5aafc41b44e729d4c787220da4cf746689526d56605f75ec697b167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 May 2023 13:03:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 16 May 2023 13:01:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 May 2023 13:03:58 GMT
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 0C82
631 B
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Tue, 16 May 2023 12:48:09 GMT
x-content-type-options
nosniff
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
950
x-cache
Hit from cloudfront
content-length
631
last-modified
Thu, 04 May 2023 20:01:43 GMT
server
Cloudfront
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
BMqWcID4AIMj18mFcNe30KhDJN95CV1oTvOvFnkXCG4R3IOFA7GoLg==
collect
www.google-analytics.com/j/
4 B
219 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=436853349&t=event&_s=1&dl=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23utm_campaign%3Dsmg_monthly%26utm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood&ul=en-us&de=UTF-8&dt=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=KGDACEABBAAAACAAI~&jid=1927609745&gjid=58296993&cid=2042295547.1684242237&tid=UA-3837893-1&_gid=1183226392.1684242237&_r=1&_slc=1&z=711917011
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.virginiasalvationarmy.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
69 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=436853349&t=event&_s=1&dl=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23utm_campaign%3Dsmg_monthly%26utm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood&ul=en-us&de=UTF-8&dt=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=KGDACEABBAAAACAAI~&jid=183361052&gjid=438969570&cid=2042295547.1684242237&tid=UA-147453400-1&_gid=1183226392.1684242237&_r=1&_slc=1&z=1675497121
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.virginiasalvationarmy.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
stripePublishableKey
pay.classy.org/token/
44 B
330 B
XHR
General
Full URL
https://pay.classy.org/token/stripePublishableKey
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4f03677f716f1db373f1c115b0199d7d777dd90634465e8e9de07ada8d96036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-classypay-version
1
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-classypay-requestid
fae9ffc8-3024-4e78-ac22-cf213f4ec964
cf-ray
7c83d2e3ce86928d-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
44
collect
www.google-analytics.com/
35 B
132 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=436853349&t=timing&_s=2&dl=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23utm_campaign%3Dsmg_monthly%26utm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood&ul=en-us&de=UTF-8&dt=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20latency&utv=fresh&utl=1684242237225&utt=843&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=2042295547.1684242237&tid=UA-3837893-1&_gid=1183226392.1684242237&cd1=50872&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=485836&cd6=campaign&cd11=recurring%20optimization&z=941801388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 03:16:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
35224
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=436853349&t=timing&_s=3&dl=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23utm_campaign%3Dsmg_monthly%26utm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood&ul=en-us&de=UTF-8&dt=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20first%20byte&utv=fresh&utl=1684242237225&utt=1535&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=2042295547.1684242237&tid=UA-3837893-1&_gid=1183226392.1684242237&cd1=50872&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=485836&cd6=campaign&cd11=recurring%20optimization&z=271445100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 03:16:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
35224
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=436853349&t=timing&_s=4&dl=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23utm_campaign%3Dsmg_monthly%26utm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood&ul=en-us&de=UTF-8&dt=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20last%20byte&utv=fresh&utl=1684242237225&utt=1711&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=2042295547.1684242237&tid=UA-3837893-1&_gid=1183226392.1684242237&cd1=50872&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=485836&cd6=campaign&cd11=recurring%20optimization&z=1597480434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 03:16:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
35224
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=436853349&t=timing&_s=5&dl=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23utm_campaign%3Dsmg_monthly%26utm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood&ul=en-us&de=UTF-8&dt=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20document%20ready&utv=fresh&utl=1684242237225&utt=2257&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=2042295547.1684242237&tid=UA-3837893-1&_gid=1183226392.1684242237&cd1=50872&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=485836&cd6=campaign&cd11=recurring%20optimization&z=1433429982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 03:16:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
35224
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=436853349&t=timing&_s=6&dl=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23utm_campaign%3Dsmg_monthly%26utm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood&ul=en-us&de=UTF-8&dt=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20view%20rendered&utv=fresh&utl=1684242237225&utt=3483&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=2042295547.1684242237&tid=UA-3837893-1&_gid=1183226392.1684242237&cd1=50872&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=485836&cd6=campaign&cd11=recurring%20optimization&z=1616300520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 03:16:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
35224
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.virginiasalvationarmy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 21:41:18 GMT
x-content-type-options
nosniff
age
228160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27428
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 21:41:18 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.virginiasalvationarmy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 21:41:18 GMT
x-content-type-options
nosniff
age
228160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27428
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 21:41:18 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.virginiasalvationarmy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 21:41:18 GMT
x-content-type-options
nosniff
age
228160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27428
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 21:41:18 GMT
1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/
28 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.virginiasalvationarmy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 15:35:22 GMT
x-content-type-options
nosniff
age
250116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29156
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:01:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 15:35:22 GMT
iframeResizer-6bb8ec1b02.js
give.virginiasalvationarmy.org/sso/ssobuild/js/
22 KB
7 KB
XHR
General
Full URL
https://give.virginiasalvationarmy.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
tracestate
423787@nr=0-1-423787-363751183-c59d79ef86ad6e5d----1684242238352
traceparent
00-f8d1627768045db77014fceff7274900-c59d79ef86ad6e5d-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjNTlkNzllZjg2YWQ2ZTVkIiwidHIiOiJmOGQxNjI3NzY4MDQ1ZGI3NzAxNGZjZWZmNzI3NDkwMCIsInRpIjoxNjg0MjQyMjM4MzUyfX0=
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://give.virginiasalvationarmy.org/give/485836/
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 20:22:28 GMT
cf-bgj
minify
server
cloudflare
age
2842914
etag
W/"64249e04-893d"
cf-polished
origSize=35133
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7c83d2e5ca335c6e-FRA
expires
Fri, 12 Apr 2024 15:22:04 GMT
csp-report
q.stripe.com/ Frame 0C82
0
717 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684242239090989
x-envoy-upstream-service-time
0
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1684242239090574
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 0C82
0
715 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684242239091558
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1684242239090610
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 1922
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
90
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 16 May 2023 13:02:29 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
x-amz-cf-id
YpSTmtiptgZzCxL2Vb_9VixcIp8trMD5Gt_x9GV4BTi71iA05kR60w==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
plaid
pay.classy.org/token/
88 B
944 B
XHR
General
Full URL
https://pay.classy.org/token/plaid?applicationId=8263&currency=EUR
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-classypay-version
1
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=oFcvvnYixkM0jnGFfQsjTNceRDnngjTzlIH_zh9Efgk-1684242238-0-Ac9DbPza62iYGpgYBJoEXg5bXABC1bIL9BetUnoGlfFQKhbMocSs3JitC4jF0tQ46A-XPpXWM98rERTCaXzeFn0rI0OzqmeBOHkM0QUTaZ0lWMoXQkb6dtK-ZQ_4oLGdDXohZyxNFoziFrbg8f-xR4Q"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-classypay-requestid
15a0b729-0847-4c18-aaa4-0629e54f3d60
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=oFcvvnYixkM0jnGFfQsjTNceRDnngjTzlIH_zh9Efgk-1684242238-0-Ac9DbPza62iYGpgYBJoEXg5bXABC1bIL9BetUnoGlfFQKhbMocSs3JitC4jF0tQ46A-XPpXWM98rERTCaXzeFn0rI0OzqmeBOHkM0QUTaZ0lWMoXQkb6dtK-ZQ_4oLGdDXohZyxNFoziFrbg8f-xR4Q; report-to cf-csp-endpoint
cf-ray
7c83d2e62919928d-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
collect
stats.g.doubleclick.net/j/
1 B
69 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-3837893-1&cid=2042295547.1684242237&jid=1927609745&gjid=58296993&_gid=1183226392.1684242237&_u=KGDACEAABAAAACAAI~&z=1697260841
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 16 May 2023 13:03:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.virginiasalvationarmy.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
359 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-147453400-1&cid=2042295547.1684242237&jid=183361052&gjid=438969570&_gid=1183226392.1684242237&_u=KGDACEABBAAAACAAI~&z=1678837481
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 16 May 2023 13:03:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.virginiasalvationarmy.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
stripePublishableKey
pay.classy.org/token/
44 B
325 B
XHR
General
Full URL
https://pay.classy.org/token/stripePublishableKey
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4f03677f716f1db373f1c115b0199d7d777dd90634465e8e9de07ada8d96036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-classypay-version
1
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-classypay-requestid
1c39a411-9ba6-4e6a-ba01-18eebcfdcd2d
cf-ray
7c83d2e63942928d-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
44
id
dpm.demdex.net/
3 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=20A0289659302A7E0A495D28%40AdobeOrg&d_nsid=0&ts=1684242238468
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e39ecc1dbe0831e900df70b041272da3c188ae3668dfe4ee87c8b022543820e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v048-04d6aa4f0.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
hIEZRXrCQk0=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://give.virginiasalvationarmy.org
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1187
Expires
Thu, 01 Jan 1970 00:00:00 UTC
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=436853349&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23utm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly&ul=en-us&de=UTF-8&dt=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=gtm.js&ea=gtm.js&el=give.virginiasalvationarmy.org&ev=0&_u=aGDACEABBAAAACAAI~&jid=393967739&gjid=448231866&cid=2042295547.1684242237&tid=UA-51388709-1&_gid=1183226392.1684242237&_r=1&_slc=1&gtm=45He35a0n81PMXWH57&z=1197697256
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.virginiasalvationarmy.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
51 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 12:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1699
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 16 May 2023 14:35:39 GMT
ActivityServer.bs
bs.serving-sys.com/Serving/
1 KB
1 KB
Script
General
Full URL
https://bs.serving-sys.com/Serving/ActivityServer.bs?cn=as&ActivityID=550371&rnd=108364.59509139296&UniqueDonorID=undefined&ZipCode=undefined&NewDonor=[NewDonor]&Revenue=undefined&Territory=[Territory]
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.242.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-242-12.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bcaa774dc90597228c2f5fc00198510ccd5eb16eabd7d01f20a26629b05edf58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:58 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
654
expires
Sun, 05-Jun-2005 22:00:00 GMT
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/oct.js
Protocol
H2
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:58 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100093-IAD, cache-fra-etou8220042-FRA

Redirect headers

date
Tue, 16 May 2023 13:03:58 GMT
vary
x-cache
HIT
location
https://static.ads-twitter.com/oct.js
accept-ranges
bytes
tw-cdn
FT
content-length
0
retry-after
0
x-served-by
cache-fra-etou8220060-FRA
last-event-tag-latest.min.js
www.everestjs.net/static/le/
7 KB
3 KB
Script
General
Full URL
https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.204.223 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-204-223.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Unused62
8096267
x-amz-version-id
null
Content-Encoding
gzip
Date
Tue, 16 May 2023 13:03:58 GMT
Last-Modified
Wed, 16 Jun 2021 15:18:41 GMT
Server
AmazonS3
x-amz-request-id
WKP3JNVX5NTR0NAZ
ETag
"d5991c18a0042eb33f92c6b5b44ffe8d"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2663
x-amz-id-2
WwcxfV+MCgPYgQlJYKx2ZI+10bhz9Xqd5or4dShdWteOj85dXxe/Ei9DsScCw3T26nNCq4JkZkc=
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:58 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-etou8220042-FRA
bat.js
bat.bing.com/
40 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 16 May 2023 13:03:57 GMT
last-modified
Thu, 11 May 2023 18:08:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 547F788D41BB40D0B515C5E42F90A48B Ref B: FRAEDGE1408 Ref C: 2023-05-16T13:03:58Z
etag
"80df77953384d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12183
scevent.min.js
sc-static.net/
31 KB
14 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-250.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
399a9be759ccc540081d3e7ed57c028c7ed63545952b616c25abac351881f7b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:58 GMT
content-encoding
gzip
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA53-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
13611
x-amz-cf-id
brjQQP9Uh9TvPCamU4E2pSsGf0sUlllUmuReuDiz3_naOk-HdcbhaA==
1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/
28 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.virginiasalvationarmy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 15:35:22 GMT
x-content-type-options
nosniff
age
250116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29156
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:01:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 15:35:22 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.virginiasalvationarmy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 21:41:18 GMT
x-content-type-options
nosniff
age
228160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27428
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 21:41:18 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.virginiasalvationarmy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 21:41:18 GMT
x-content-type-options
nosniff
age
228160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27428
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 21:41:18 GMT
identity.js
connect.facebook.net/signals/plugins/
64 KB
20 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.104
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 16 May 2023 13:03:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Tw35G+mUJcBmOaMc4zfpnibNreeGi+YaJMOtHDY7CQdev6cyShzceljMlyTFbKz5xAjNWhaByAd6YZES8zdskA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), gyroscope=(), idle-detection=(), screen-wake-lock=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
396587788416378
connect.facebook.net/signals/config/
300 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/396587788416378?v=2.9.104&r=stable
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d8db7221e276e32c4bd5809e8a53d5fe3ebbd7b3682a7ac5feaaa2c6ce667671
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 16 May 2023 13:03:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
+10rT4yo5RVtLj2c7pnZXrl2HjEIP/mnM/rZx0oB0yA4GClHS10HF06F450ePMQqsYYREvyqukciFeg7HiSMxQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), hid=(), idle-detection=(), magnetometer=(), screen-wake-lock=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/cfa9e7cb/www-widgetapi.vflset/
185 KB
57 KB
Script
General
Full URL
https://www.youtube.com/s/player/cfa9e7cb/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14f5566d4c764cd781dad9a4f1a9530797597bac11661a2b8def07c4e59f1985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 12:19:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
2694
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58043
x-xss-protection
0
last-modified
Wed, 10 May 2023 01:29:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 May 2024 12:19:04 GMT
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 89E6
320 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fgive.virginiasalvationarmy.org
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://give.virginiasalvationarmy.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105435
content-type
text/html; charset=utf-8
date
Tue, 16 May 2023 13:03:58 GMT
etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
last-modified
Tue, 24 Jan 2023 21:41:13 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kjyo7100105-IAD, cache-fra-etou8220060-FRA
lazy-loader.c8cd494b-1.232.0.min.js
js-agent.newrelic.com/
921 B
639 B
Script
General
Full URL
https://js-agent.newrelic.com/lazy-loader.c8cd494b-1.232.0.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
JxOZDsaCO.84OJr88feb47MQNIiB.lPY
content-encoding
gzip
via
1.1 varnish
date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
HFKEC7V8RSG7GQ3Z
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
410
x-amz-id-2
sMPeOof8K4e91kQ20uXJDDwefRnsVFND0s9EnxyiOeAw9CM1xr2qBuk5sozOrYVezXVrvqQ6llg=
x-served-by
cache-fra-etou8220059-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684242239.617026,VS0,VE0
etag
"43b458adcc5ab7566291590de5438262"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3167
controller-e361d5ac800a58205e3d1523c46041fd.html
js.stripe.com/v3/ Frame 37F9
325 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/controller-e361d5ac800a58205e3d1523c46041fd.html
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
d7c029999a8a624d37094cacffe0c6e266d918164068ce9b36a525f0bab0e3e0
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.virginiasalvationarmy.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
5
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 16 May 2023 13:03:54 GMT
etag
"e361d5ac800a58205e3d1523c46041fd"
last-modified
Mon, 15 May 2023 20:03:56 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-id
krcTEB352FlvR0kFcE201O4xxr9zzr9GS4XxXMkCsuw3mDgoKp9r6g==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-google-pay-4505aee4a655bc3741287d609bb74533.html
js.stripe.com/v3/ Frame 09BA
408 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-4505aee4a655bc3741287d609bb74533.html
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
99fa4cb099e9c6c9fe247ffed6d67b39d1dd8d53729a9a694d76544e17acaadf
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.virginiasalvationarmy.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3360
cache-control
max-age=31536000
content-length
408
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 16 May 2023 12:08:06 GMT
etag
"4505aee4a655bc3741287d609bb74533"
last-modified
Mon, 15 May 2023 20:04:09 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-id
K3S7kZFm6rFqc1HSUCDBwuw14OmfWFFHFI6WFwF7DEBKGFZsQ8dEaw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-browser-9d0b2e069da21bc1da164c3595a38687.html
js.stripe.com/v3/ Frame 1AA1
344 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-9d0b2e069da21bc1da164c3595a38687.html
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
4379131f07b780e8db759f35351aec8e79a6fc353bc00b219337d7cd8e41ff6c
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.virginiasalvationarmy.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
4
cache-control
max-age=60
content-length
344
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 16 May 2023 13:03:58 GMT
etag
"9d0b2e069da21bc1da164c3595a38687"
last-modified
Mon, 15 May 2023 20:04:09 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-id
vtU7QGKzu235187zqKtwu4Qv0egeN7j_3qMYNMoaztqEnNnb-858Yg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-147453400-1&cid=2042295547.1684242237&jid=183361052&_u=KGDACEABBAAAACAAI~&z=2046318095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-147453400-1&cid=2042295547.1684242237&jid=183361052&_u=KGDACEABBAAAACAAI~&z=2046318095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
give.virginiasalvationarmy.org/sso/
90 B
1 KB
XHR
General
Full URL
https://give.virginiasalvationarmy.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery361021181523565963034_1684242238349&_=1684242238350
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ede9442da1aa628410f13206a792fe8ea3d8315cc2dcbe4ed5cd95f83c84ca7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
tracestate
423787@nr=0-1-423787-363751183-e038e01c8357051e----1684242238677
traceparent
00-db2e538e3a04f939d855dde85fc6dc00-e038e01c8357051e-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJlMDM4ZTAxYzgzNTcwNTFlIiwidHIiOiJkYjJlNTM4ZTNhMDRmOTM5ZDg1NWRkZTg1ZmM2ZGMwMCIsInRpIjoxNjg0MjQyMjM4Njc3fX0=
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://give.virginiasalvationarmy.org/give/485836/
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
p3p
CP="Classy does not have a P3P policy."
content-type
application/javascript; charset=utf-8
cache-control
no-cache, private
cf-ray
7c83d2e7cc535c6e-FRA
x-xss-protection
1; mode=block
/
notify.bugsnag.com/ Frame
0
0
Preflight
General
Full URL
https://notify.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://give.virginiasalvationarmy.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version, Bugsnag-Integrity
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 16 May 2023 13:03:59 GMT
via
1.1 google
/
notify.bugsnag.com/
2 B
113 B
XHR
General
Full URL
https://notify.bugsnag.com/
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version
4.0
Referer
https://give.virginiasalvationarmy.org/
Bugsnag-Sent-At
2023-05-16T13:03:58.684Z
accept-language
de-DE,de;q=0.9
Bugsnag-Api-Key
ed2f4223afa43ef4870a151ab82d1ac6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 16 May 2023 13:03:59 GMT
via
1.1 google
bugsnag-event-id
64637f3f00bd52c520ec0000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
controller-e361d5ac800a58205e3d1523c46041fd.html
js.stripe.com/v3/ Frame BA52
325 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/controller-e361d5ac800a58205e3d1523c46041fd.html
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
d7c029999a8a624d37094cacffe0c6e266d918164068ce9b36a525f0bab0e3e0
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.virginiasalvationarmy.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
5
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 16 May 2023 13:03:54 GMT
etag
"e361d5ac800a58205e3d1523c46041fd"
last-modified
Mon, 15 May 2023 20:03:56 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-id
hBI4wtVj0MX36vW53betrEe3AtIfrsbcILEpinRySLUSDJ-8JthGTQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-google-pay-4505aee4a655bc3741287d609bb74533.html
js.stripe.com/v3/ Frame 8C98
408 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-4505aee4a655bc3741287d609bb74533.html
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
99fa4cb099e9c6c9fe247ffed6d67b39d1dd8d53729a9a694d76544e17acaadf
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.virginiasalvationarmy.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3360
cache-control
max-age=31536000
content-length
408
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 16 May 2023 12:08:06 GMT
etag
"4505aee4a655bc3741287d609bb74533"
last-modified
Mon, 15 May 2023 20:04:09 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-id
nOI48wNvWBHBbt3FckO3NmEGTewJsg4alwxLQatyxDe0QgpQHmz79g==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-browser-9d0b2e069da21bc1da164c3595a38687.html
js.stripe.com/v3/ Frame 9815
344 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-9d0b2e069da21bc1da164c3595a38687.html
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
4379131f07b780e8db759f35351aec8e79a6fc353bc00b219337d7cd8e41ff6c
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.virginiasalvationarmy.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
4
cache-control
max-age=60
content-length
344
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 16 May 2023 13:03:58 GMT
etag
"9d0b2e069da21bc1da164c3595a38687"
last-modified
Mon, 15 May 2023 20:04:09 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-id
pxkYocbmyUKdJoxqm1ZuBCPiQC1VoCX5QNgW1BoeTZ8bXkSsc6B0lQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 1922
0
490 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684242239091525
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1684242239090868
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.42.js
m.stripe.network/ Frame 1922
86 KB
14 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 16 May 2023 13:01:38 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
141
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
VxU3oTe_F5F5XJcS-0wL0dCR_WwTKwMMbEpf5Z3dt8WWQWBeWn-uQg==
shared-80532706d286499f140f6cb94524d879.js
js.stripe.com/v3/fingerprinted/js/ Frame 37F9
449 KB
108 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-e361d5ac800a58205e3d1523c46041fd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
c2f50b9ea23d2642596c7e32eab84761ab9c95fb7d251d028d595f5b166b5823
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-e361d5ac800a58205e3d1523c46041fd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 12:18:47 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2713
x-cache
Hit from cloudfront
last-modified
Mon, 15 May 2023 20:04:08 GMT
server
Cloudfront
etag
W/"a5feb5b02ca40da6cad0c15344351b67"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
pHOIWOLAobpVie51w_3YAgd91c-tABc45TWimyM3qL3QMemR42i3lg==
controller-5ca89d60bf43893d26ec1c97fd60d923.js
js.stripe.com/v3/fingerprinted/js/ Frame 37F9
458 KB
123 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-5ca89d60bf43893d26ec1c97fd60d923.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-e361d5ac800a58205e3d1523c46041fd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e79814ef2e9e554d6628d471735d3140c6caeb96d6154e35ddbdbf223e2ea9de
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-e361d5ac800a58205e3d1523c46041fd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 12:06:11 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3471
x-cache
Hit from cloudfront
last-modified
Mon, 15 May 2023 17:03:47 GMT
server
Cloudfront
etag
W/"83a0d7d840f6c1459655ddd21d56a171"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
3u7zWdHWurGgDecNoxUpqdxXBhzAr4rm8POynUX9obEQQi0lJG8BzQ==
pay.js
pay.google.com/gp/p/js/ Frame 09BA
116 KB
36 KB
Script
General
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4505aee4a655bc3741287d609bb74533.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb752bc50264e20fb3409303a4ddacd0bf9528f9abbfa01bb7732821ac1caf4a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-ytUE3jxkVzgpUV3yvwDRfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-ytUE3jxkVzgpUV3yvwDRfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 16 May 2023 13:03:59 GMT
shared-80532706d286499f140f6cb94524d879.js
js.stripe.com/v3/fingerprinted/js/ Frame 09BA
449 KB
108 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4505aee4a655bc3741287d609bb74533.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
c2f50b9ea23d2642596c7e32eab84761ab9c95fb7d251d028d595f5b166b5823
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-4505aee4a655bc3741287d609bb74533.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 12:18:47 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2713
x-cache
Hit from cloudfront
last-modified
Mon, 15 May 2023 20:04:08 GMT
server
Cloudfront
etag
W/"a5feb5b02ca40da6cad0c15344351b67"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
H4LctHvd9q9y7DTOVi3sgglJsrV8o-fv_aSpFiqOs4NYmgf956NI6w==
payment-request-inner-google-pay-5d5a3c151af88301237c52da1ab3e7f0.js
js.stripe.com/v3/fingerprinted/js/ Frame 09BA
10 KB
4 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-5d5a3c151af88301237c52da1ab3e7f0.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4505aee4a655bc3741287d609bb74533.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
c54dcc32bde6c85debc63110e0f15ae9bd336f25ef7e0aa319ce66cb0d25d2af
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-4505aee4a655bc3741287d609bb74533.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 13:03:30 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
44
x-cache
Hit from cloudfront
last-modified
Thu, 04 May 2023 20:01:43 GMT
server
Cloudfront
etag
W/"dba01fde288d91c82ecd5576e4d03f36"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
375LRNch5orRbXSWAgrzsvMjW-GeAYzR-PznsFEHm3OeeG0Qo2hGmA==
shared-80532706d286499f140f6cb94524d879.js
js.stripe.com/v3/fingerprinted/js/ Frame 1AA1
449 KB
108 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-9d0b2e069da21bc1da164c3595a38687.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
c2f50b9ea23d2642596c7e32eab84761ab9c95fb7d251d028d595f5b166b5823
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-9d0b2e069da21bc1da164c3595a38687.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 12:18:47 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2713
x-cache
Hit from cloudfront
last-modified
Mon, 15 May 2023 20:04:08 GMT
server
Cloudfront
etag
W/"a5feb5b02ca40da6cad0c15344351b67"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
xYAdKagdjget5ozvXV7PnYSegnfAkbjUWd0d77zaAJdPvGlQvJNgLg==
payment-request-inner-browser-116b65784e91db0a5ca9cd9eabc7fcfb.js
js.stripe.com/v3/fingerprinted/js/ Frame 1AA1
11 KB
5 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-116b65784e91db0a5ca9cd9eabc7fcfb.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-9d0b2e069da21bc1da164c3595a38687.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
cbca3c81aa061380e124145126df82aab08e00cc48625a66584cce7a12ce00ca
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-9d0b2e069da21bc1da164c3595a38687.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 12:53:23 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
642
x-cache
Hit from cloudfront
last-modified
Thu, 04 May 2023 20:01:43 GMT
server
Cloudfront
etag
W/"8db366c56b277e8705203edafe5890e8"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
m9lLx1vyypT_bHPbR5klD-68FwYXy3bveKGjUv8NttPi1pFW1TASIg==
h
heapanalytics.com/
37 B
261 B
Image
General
Full URL
https://heapanalytics.com/h?a=1566116007&u=2272628687846614&v=8444489051556431&s=5855787722955954&b=web&tv=4.0&z=0&g=%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&h=%2Fgive%2F485836%2F&d=give.virginiasalvationarmy.org&t=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&ts=1684242238708&st=1684242238780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.234.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-234-9.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
configuration
api.braintreegateway.com/merchants/qzgr5rrzdz3xxy2z/client_api/v1/
2 KB
2 KB
Script
General
Full URL
https://api.braintreegateway.com/merchants/qzgr5rrzdz3xxy2z/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2ODQzMjg2MzgsImp0aSI6ImZkMmZiNTBhLWE2NjUtNDIwNi04OWNjLWExMTZhNGZiN2FkMyIsInN1YiI6InF6Z3I1cnJ6ZHozeHh5MnoiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6InF6Z3I1cnJ6ZHozeHh5MnoiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.yFXvyPCbOKpHGJfkT0U2CFEBm1NHuM8ca4xJSftaXRyOX5RfxHKl3fIkOdStqgo7aO_uJX3-4AofC7bqcdmYSA&callback=callback_jsond1831903c38349c081d0b8ff552ff5be
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.13.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae1d37305401c759d.awsglobalaccelerator.com
Software
/
Resource Hash
1a5c908ca4e36a81fd5cea9e42686e6b4450b9746411b284824be217bfb60529
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=63072000; includeSubDomains
paypal-debug-id
2a6a42229f604
x-xss-protection
1; mode=block
x-request-id
464a0fe2-aa64-4ac1-a10d-9ea15eae9749
x-runtime
1.107495
referrer-policy
strict-origin-when-cross-origin
etag
W/"ca5be76db8121a407c72688344e0f908"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
x-braintree-merchant-shard
2
cache-control
max-age=0, private, must-revalidate
x-broxyid
464a0fe2-aa64-4ac1-a10d-9ea15eae9749
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-51388709-1&cid=2042295547.1684242237&jid=393967739&gjid=448231866&_gid=1183226392.1684242237&_u=aGDACEABBAAAACAAI~&z=666805077
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 16 May 2023 13:03:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.virginiasalvationarmy.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
shared-80532706d286499f140f6cb94524d879.js
js.stripe.com/v3/fingerprinted/js/ Frame BA52
449 KB
108 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-e361d5ac800a58205e3d1523c46041fd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
c2f50b9ea23d2642596c7e32eab84761ab9c95fb7d251d028d595f5b166b5823
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-e361d5ac800a58205e3d1523c46041fd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 12:18:47 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2713
x-cache
Hit from cloudfront
last-modified
Mon, 15 May 2023 20:04:08 GMT
server
Cloudfront
etag
W/"a5feb5b02ca40da6cad0c15344351b67"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
v6sNBa7B-teMmMDvEt2WtVNDXSDkJ2HfuFMZ0MSTh7QKodLkcV8yMw==
controller-5ca89d60bf43893d26ec1c97fd60d923.js
js.stripe.com/v3/fingerprinted/js/ Frame BA52
458 KB
123 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-5ca89d60bf43893d26ec1c97fd60d923.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-e361d5ac800a58205e3d1523c46041fd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e79814ef2e9e554d6628d471735d3140c6caeb96d6154e35ddbdbf223e2ea9de
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-e361d5ac800a58205e3d1523c46041fd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 12:06:11 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3471
x-cache
Hit from cloudfront
last-modified
Mon, 15 May 2023 17:03:47 GMT
server
Cloudfront
etag
W/"83a0d7d840f6c1459655ddd21d56a171"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
z0jwNFIP1q5mNitTh3PEQXGXJ3w6MqG6g1khtQZrowS1f74dIwxVzg==
settings
syndication.twitter.com/ Frame 89E6
869 B
658 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=77c5a2c44045d22f86e3fbd6a5a124a14d393b35
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fgive.virginiasalvationarmy.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
117
date
Tue, 16 May 2023 13:03:58 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Tue, 16 May 2023 13:03:59 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
af6b78aa03cb68dd
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
f48900f97dd78bf7e3eece0b2cb949720510f26d26dedb8423e291d1ecdefe4e
content-length
337
875.2c240adb-1.232.0.min.js
js-agent.newrelic.com/
9 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/875.2c240adb-1.232.0.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
hJYscwmqXwVNvHS80_0vRqxt_Uk.MPpY
content-encoding
gzip
via
1.1 varnish
date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
33Y6DMYX2M755T46
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3692
x-amz-id-2
12ESXK8BgHWgzbN3nQPaydy+L59jXSGMNsIQOuRJSUSgpXbpopBHG7CYiWTsgYBLZaJ3F98QqLg=
x-served-by
cache-fra-etou8220059-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684242239.864130,VS0,VE0
etag
"12b760183a18786621f95a5599ea91d1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
103272
page_view_event-aggregate.5a238c1f-1.232.0.min.js
js-agent.newrelic.com/
11 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.5a238c1f-1.232.0.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
m6hQu7Qmu3oSTIZPOga15if6q1_usD02
content-encoding
gzip
via
1.1 varnish
date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
33Y1F68V5R4G1R1S
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4123
x-amz-id-2
LE8Mmxf56EgzLRhRoenpxF0OXZIwo/pswFnDB4N8n+EeKaME6HXt1Xk7L6rvqhOxcNjSk/xOwSY=
x-served-by
cache-fra-etou8220059-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684242239.864119,VS0,VE0
etag
"397497131773c37606e11fcb4222917f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3147
page_view_timing-aggregate.ddd91465-1.232.0.min.js
js-agent.newrelic.com/
12 KB
5 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.ddd91465-1.232.0.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
ZN8S09QpTi3DRaBHssxUl.rChDa0uNQQ
content-encoding
gzip
via
1.1 varnish
date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
33Y867HS6MYT7985
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4571
x-amz-id-2
CILtP2UgtVGD48J+UTjWq+irCqTwzRZs1VccfZLy4xzSBKIMwL+jwnc8ZZpkzmwxwhHr4pdQKRs=
x-served-by
cache-fra-etou8220059-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684242239.864861,VS0,VE0
etag
"38f4d68378bfe3989db669dc9385b7c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3123
metrics-aggregate.c2ad263a-1.232.0.min.js
js-agent.newrelic.com/
4 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/metrics-aggregate.c2ad263a-1.232.0.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
Kwxbmu4apiKNi1wg_2QBa578nUzXK.xS
content-encoding
gzip
via
1.1 varnish
date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
33YF3D3MNZZ7XXTH
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1663
x-amz-id-2
0t28v8WC4ksNHlPsbHnq2BFvbag9JdhBEGj1l2cZmwZMryjnQUGTG7J4qr+P0dP0z2Q8RhqNGa0=
x-served-by
cache-fra-etou8220059-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684242239.864830,VS0,VE0
etag
"581d99ebc34c05e0a160a0c4a848cae7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3111
jserrors-aggregate.017d6ea4-1.232.0.min.js
js-agent.newrelic.com/
7 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/jserrors-aggregate.017d6ea4-1.232.0.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0307f3b9d8215b1581f25bdf8ba24881d8f7030f53ed17b33e3ca6a5e6c8582f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
UxM2U4jEHw4DYwuY_JCWcBxAYgS2_JE2
content-encoding
gzip
via
1.1 varnish
date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
33Y3P9H1YVPCYW5A
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2704
x-amz-id-2
fOJjkf623X4+LNu7HUnbPEqkESbCVUXfegtTcDGCJTSYPYnZIMHyyD/3Rdyml/9Mp1DAV3/tTMA=
x-served-by
cache-fra-etou8220059-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684242239.864668,VS0,VE0
etag
"3eccc20152284ae6154ef68728b49a85"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2378
ajax-aggregate.666f66ea-1.232.0.min.js
js-agent.newrelic.com/
5 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/ajax-aggregate.666f66ea-1.232.0.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f4d7f3eafb4d9820dd9f359b637ee8df4136b8bdba6705b9dd0a15faf2bc025
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
P1.nxkPqX_AEcic3nbSwWvQGlnr.3FTJ
content-encoding
gzip
via
1.1 varnish
date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
33YAMGSAT4509J8D
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2159
x-amz-id-2
+/vlhDJIBkrB07I08TN2xKY9QCT+tReD92GfPWcSfMLZ777mczQvriIxrhC3OuLLFI+tLbuC4X0=
x-served-by
cache-fra-etou8220059-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684242239.865340,VS0,VE0
etag
"6f55903bceeb36daf6c5579103364266"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1959
session_trace-aggregate.c0ef217a-1.232.0.min.js
js-agent.newrelic.com/
8 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/session_trace-aggregate.c0ef217a-1.232.0.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be222ebe8d76ed95e6241fd6e80b43e87cee11ee97871ba3e0e6dcf439ad66b9
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
g_UxNBJ25wtvYc3oM8Pj1uCRZQPEEsvZ
content-encoding
gzip
via
1.1 varnish
date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
33YBT10PFQDKE050
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3302
x-amz-id-2
F/iivEdVcfTjYq8AJFOWGRk4GEFQq3Y9nQ2WJaA8DbfFJtDlso2/z2dRKKVQr/qXereUel72lF0=
x-served-by
cache-fra-etou8220059-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684242239.865086,VS0,VE0
etag
"8658ef92a475808fc6ed23b10731217d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2387
page_action-aggregate.64dc4751-1.232.0.min.js
js-agent.newrelic.com/
2 KB
1 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_action-aggregate.64dc4751-1.232.0.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca72e8893a0cf88efb844d01e3629ad7751979f01026f6149de72285279b7968
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
K0wCLFJIIdjTzGgJZSujBvyTIxwFP3oQ
content-encoding
gzip
via
1.1 varnish
date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
33Y9SYP2S871NYYN
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
985
x-amz-id-2
wXfzGJOuvfsWptsVhCX8TS9ZOOpumIcusC5MtXYWezjm85aH+z+a4UhZtORNDBtZ1lQIvruadOE=
x-served-by
cache-fra-etou8220059-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684242239.865071,VS0,VE0
etag
"19f8af5dbc48da5cec8a15e4e37572a2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2374
spa-aggregate.342172b1-1.232.0.min.js
js-agent.newrelic.com/
18 KB
7 KB
Script
General
Full URL
https://js-agent.newrelic.com/spa-aggregate.342172b1-1.232.0.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7674813d4294e6367c27576ac6ee63106685165081325a67fc0b3582ed53182f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
GBrIcCPmmG.WN_66aFejQ6H_fNPpwe_q
content-encoding
gzip
via
1.1 varnish
date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
33YAJ6WYP1J8ME4A
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
6574
x-amz-id-2
VgAy+MrhxuFl5jVpUDdrAu+k2F0/keKUs9t2baLmPjDCGwinsdlSaDKFL2sbJxn1je0+kg2OvCU=
x-served-by
cache-fra-etou8220059-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684242239.865691,VS0,VE0
etag
"cd8a824b2ab07e7b696cf7565028153b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1823
adsct
t.co/i/
43 B
377 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=4dacac88-b4a5-445f-b434-85faee1285d7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=49471e6f-d0d6-4d45-8f15-179dd37324f0&tw_document_href=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvb33&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
113
date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
ba758df4bf315c93
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
997ac9f549f5f671459db62ae161fa1302f19c67abc419c26dc51f6ae2fafbc4
content-length
43
adsct
analytics.twitter.com/i/
43 B
395 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=4dacac88-b4a5-445f-b434-85faee1285d7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=49471e6f-d0d6-4d45-8f15-179dd37324f0&tw_document_href=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvb33&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
110
date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
82aa4c839f755974
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ced11c8df2b9eb9ac3a4f0479f3e86844820ab5d82abb40c776a1e3960736d24
content-length
43
configuration
api.braintreegateway.com/merchants/qzgr5rrzdz3xxy2z/client_api/v1/
2 KB
2 KB
Script
General
Full URL
https://api.braintreegateway.com/merchants/qzgr5rrzdz3xxy2z/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2ODQzMjg2MzgsImp0aSI6IjNhZjQyMjdhLTEyYzgtNGU0OC05YTQ3LTY1OGI2MWE3MzcwMyIsInN1YiI6InF6Z3I1cnJ6ZHozeHh5MnoiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6InF6Z3I1cnJ6ZHozeHh5MnoiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.LwXhEl3PqSzzr7OnOzJgxfUPkTYuaw-sToz2lPvVQPOAEaBcJEb2nicqcFmYpIlsFhQyK-ReqzhR1_CXag1Yzg&callback=callback_json6257e0da224e4035b38b1dd22a77343d
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.13.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae1d37305401c759d.awsglobalaccelerator.com
Software
/
Resource Hash
58f551cc4d9a1487e689bf3150188dd2aa4310435b5fdc30e393244846d07c71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
paypal-debug-id
94a1d1d83e2b4
x-xss-protection
1; mode=block
x-request-id
2736356d-07a8-4bf6-b654-0c7d976ca9e4
x-runtime
0.223594
referrer-policy
strict-origin-when-cross-origin
etag
W/"e5611e6d0a94ae4c0f96a30a156e4d24"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
x-braintree-merchant-shard
2
cache-control
max-age=0, private, must-revalidate
x-broxyid
2736356d-07a8-4bf6-b654-0c7d976ca9e4
ebAttribution.js
secure-ds.serving-sys.com/SemiCachedScripts/
24 KB
8 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebAttribution.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d7ca90f5224456c5b0b3377d1dd87a5a96ee9f07b6b9ca0b86e4e757b3a0f50b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:58 GMT
content-encoding
gzip
last-modified
Wed, 18 May 2022 14:07:07 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
W/"8440d88fdf94d6823ae9ecb94a935255"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=49
accept-ranges
bytes
x-amz-cf-id
KjcXS2VtJ2HxMcagQLvo9L8_1Pr8qQsywdETgZdcTHqIG3Z9-Gvlew==
content-length
7894
i
tr.snapchat.com/cm/ Frame 21CC
0
201 B
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=5ce1f9d9-71a9-44c4-827d-24f151ac647c&u_scsid=643d11a4-6a0c-4baa-a8b8-fcc98752376f&u_sclid=39aec17a-6bb8-4fdb-8c58-6a43e0e6d945
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://give.virginiasalvationarmy.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 16 May 2023 13:03:59 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
5ce1f9d9-71a9-44c4-827d-24f151ac647c.js
tr.snapchat.com/config/org/
149 B
456 B
Script
General
Full URL
https://tr.snapchat.com/config/org/5ce1f9d9-71a9-44c4-827d-24f151ac647c.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
b6f426fd4671ff1549ab3277e225d5d480feecbea8aed00eb23e7d3b63754d9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://give.virginiasalvationarmy.org/
Origin
https://give.virginiasalvationarmy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://give.virginiasalvationarmy.org
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p
tr.snapchat.com/
68 B
354 B
Ping
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
text/html
access-control-allow-origin
https://give.virginiasalvationarmy.org
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
5
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
5710159.js
bat.bing.com/p/action/
0
117 B
Script
General
Full URL
https://bat.bing.com/p/action/5710159.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 16 May 2023 13:03:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 20762F0801A340AD9B71F5E13FD7E779 Ref B: FRAEDGE1408 Ref C: 2023-05-16T13:03:58Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
286 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5710159&Ver=2&mid=0e5dedf2-0d3c-4a31-b217-1637717cccc8&sid=1f2a6140f3ea11edb2574b031c7aca92&vid=1f2ab700f3ea11ed90738f87a0deb3c9&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&p=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&r=&lt=2257&evt=pageLoad&sv=1&rn=941795
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 May 2023 13:03:57 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0BC4D630703942E98CC1727508FC7346 Ref B: FRAEDGE1408 Ref C: 2023-05-16T13:03:58Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
5715322.js
bat.bing.com/p/action/
0
117 B
Script
General
Full URL
https://bat.bing.com/p/action/5715322.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 16 May 2023 13:03:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 10A1A3A59F5A4663B72BB50B1BBDF289 Ref B: FRAEDGE1408 Ref C: 2023-05-16T13:03:58Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
227 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5715322&Ver=2&mid=7eaae690-2be0-42c6-8cb7-36ed24df165c&sid=1f2a6140f3ea11edb2574b031c7aca92&vid=1f2ab700f3ea11ed90738f87a0deb3c9&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&p=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&r=&lt=2257&evt=pageLoad&sv=1&rn=459611
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 May 2023 13:03:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5E5C8955A57D440883273710403327A3 Ref B: FRAEDGE1408 Ref C: 2023-05-16T13:03:58Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
dest5.html
thesalvationarmy.demdex.net/ Frame 8284
7 KB
3 KB
Document
General
Full URL
https://thesalvationarmy.demdex.net/dest5.html?d_nsid=0
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.176.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-176-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://give.virginiasalvationarmy.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v048-0d9452145.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
o45Q15+WSnA=
content-encoding
gzip
date
Tue, 16 May 2023 13:03:59 GMT
last-modified
Wed, 10 May 2023 10:46:14 GMT
transfer-encoding
chunked
vary
accept-encoding
id
thesalvationarmy.sc.omtrdc.net/
2 B
277 B
XHR
General
Full URL
https://thesalvationarmy.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=20A0289659302A7E0A495D28%40AdobeOrg&mid=67111628085554199973766532008755219628&ts=1684242238957
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.160 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-160.data.adobedc.net
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://give.virginiasalvationarmy.org
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZGN-PwAAAGBInQNn
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=67672215586099229203786893713116184217
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZGN-PwAAAGBInQNn
42 B
949 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZGN-PwAAAGBInQNn
Protocol
HTTP/1.1
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcscanary-prod-irl1-1-v057-04b6c75bf.edge-irl1.demdex.com 25 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
tE0pyB/uQCs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZGN-PwAAAGBInQNn
Date
Tue, 16 May 2023 13:03:59 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=396587788416378&ev=PageView&dl=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&rl=&if=false&ts=1684242238971&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1684242238969.1723207775&it=1684242238554&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 16 May 2023 13:03:59 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=396587788416378&ev=InitiateCheckout&dl=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&rl=&if=false&ts=1684242238975&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1684242238969.1723207775&it=1684242238554&coo=false&eid=1684242237.264711521006&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 16 May 2023 13:03:59 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=436853349&t=timing&_s=7&dl=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23utm_campaign%3Dsmg_monthly%26utm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood&ul=en-us&de=UTF-8&dt=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20fully%20loaded&utv=fresh&utl=1684242237225&utt=4327&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=2042295547.1684242237&tid=UA-3837893-1&_gid=1183226392.1684242237&cd1=50872&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=485836&cd6=campaign&cd11=recurring%20optimization&z=1367890514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 04:21:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31359
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pay.js
pay.google.com/gp/p/js/ Frame 8C98
116 KB
35 KB
Script
General
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4505aee4a655bc3741287d609bb74533.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb752bc50264e20fb3409303a4ddacd0bf9528f9abbfa01bb7732821ac1caf4a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-awWKsBPBHwrjG60xvqb4rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-awWKsBPBHwrjG60xvqb4rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 16 May 2023 13:03:59 GMT
shared-80532706d286499f140f6cb94524d879.js
js.stripe.com/v3/fingerprinted/js/ Frame 8C98
449 KB
108 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4505aee4a655bc3741287d609bb74533.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
c2f50b9ea23d2642596c7e32eab84761ab9c95fb7d251d028d595f5b166b5823
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-4505aee4a655bc3741287d609bb74533.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 12:18:47 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2714
x-cache
Hit from cloudfront
last-modified
Mon, 15 May 2023 20:04:08 GMT
server
Cloudfront
etag
W/"a5feb5b02ca40da6cad0c15344351b67"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
zfhMMgmW85gIRajGewL8zeyYhnFduaVwFeNH3S4e_4GRC0J3361jYg==
payment-request-inner-google-pay-5d5a3c151af88301237c52da1ab3e7f0.js
js.stripe.com/v3/fingerprinted/js/ Frame 8C98
10 KB
4 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-5d5a3c151af88301237c52da1ab3e7f0.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4505aee4a655bc3741287d609bb74533.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
c54dcc32bde6c85debc63110e0f15ae9bd336f25ef7e0aa319ce66cb0d25d2af
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-4505aee4a655bc3741287d609bb74533.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 13:03:30 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
44
x-cache
Hit from cloudfront
last-modified
Thu, 04 May 2023 20:01:43 GMT
server
Cloudfront
etag
W/"dba01fde288d91c82ecd5576e4d03f36"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
MPoCbcWQ1I0hUZFgF0WWtYqcT798A1ST6cFjrHN95DhV6Gg_qB_92g==
shared-80532706d286499f140f6cb94524d879.js
js.stripe.com/v3/fingerprinted/js/ Frame 9815
449 KB
108 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-9d0b2e069da21bc1da164c3595a38687.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
c2f50b9ea23d2642596c7e32eab84761ab9c95fb7d251d028d595f5b166b5823
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-9d0b2e069da21bc1da164c3595a38687.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 12:18:47 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2714
x-cache
Hit from cloudfront
last-modified
Mon, 15 May 2023 20:04:08 GMT
server
Cloudfront
etag
W/"a5feb5b02ca40da6cad0c15344351b67"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
e8-nQUbkoTWRIeTPbAMBdvSpSUcxAdLh70k3nzND7Rvg7iG5JFRKHQ==
payment-request-inner-browser-116b65784e91db0a5ca9cd9eabc7fcfb.js
js.stripe.com/v3/fingerprinted/js/ Frame 9815
11 KB
5 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-116b65784e91db0a5ca9cd9eabc7fcfb.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-9d0b2e069da21bc1da164c3595a38687.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
cbca3c81aa061380e124145126df82aab08e00cc48625a66584cce7a12ce00ca
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-9d0b2e069da21bc1da164c3595a38687.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 12:53:23 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
643
x-cache
Hit from cloudfront
last-modified
Thu, 04 May 2023 20:01:43 GMT
server
Cloudfront
etag
W/"8db366c56b277e8705203edafe5890e8"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
5cP3eqQJYAZOyIYqQECZUEEUx_B1fzIS7osj3Fig0zvTwbluco_Bvg==
adsct
t.co/i/
43 B
204 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=1&event_id=caff839f-f864-4460-a88b-d55de9f11b6b&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=49471e6f-d0d6-4d45-8f15-179dd37324f0&tw_document_href=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=l54yg&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
105
date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
d158e1285eea2c1b
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
997ac9f549f5f671459db62ae161fa1302f19c67abc419c26dc51f6ae2fafbc4
content-length
43
adsct
analytics.twitter.com/i/
43 B
215 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=1&event_id=caff839f-f864-4460-a88b-d55de9f11b6b&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=49471e6f-d0d6-4d45-8f15-179dd37324f0&tw_document_href=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=l54yg&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
105
date
Tue, 16 May 2023 13:03:58 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
be151791d435accf
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ced11c8df2b9eb9ac3a4f0479f3e86844820ab5d82abb40c776a1e3960736d24
content-length
43
/
lasteventf-tm.everesttech.net/
0
222 B
XHR
General
Full URL
https://lasteventf-tm.everesttech.net/?_les_imsOrgId=20A0289659302A7E0A495D28@AdobeOrg&_les_sdid=7031817DD3A335E9-3BECF55A4E0F293E&_les_last_search_click=&_les_rsid=tsa.global&_les_mid=67111628085554199973766532008755219628&_les_url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 16 May 2023 13:03:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684242239.096860,VS0,VE0
x-cache
MISS
content-type
text/plain
access-control-allow-origin
https://give.virginiasalvationarmy.org
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-fra-eddf8230124-FRA
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-51388709-1&cid=2042295547.1684242237&jid=393967739&_u=aGDACEABBAAAACAAI~&z=664652085
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-51388709-1&cid=2042295547.1684242237&jid=393967739&_u=aGDACEABBAAAACAAI~&z=664652085
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-report
q.stripe.com/ Frame 37F9
0
716 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684242239155139
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1684242239154394
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 1AA1
0
716 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684242239283735
x-envoy-upstream-service-time
4
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1684242239282951
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 1AA1
0
716 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684242239284924
x-envoy-upstream-service-time
9
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1684242239282930
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame BA52
0
715 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684242239286102
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1684242239285476
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 37F9
474 B
864 B
Fetch
General
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
68ea24e6ad53c32ef05f980d17b79f0b2700fc77803fad67294ea48dca01e6a4

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-e361d5ac800a58205e3d1523c46041fd.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 16 May 2023 13:03:10 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified
Mon, 15 May 2023 20:32:59 GMT
server
Cloudfront
x-amz-cf-pop
FRA6-C1
age
50
etag
"1fc42bafb56e74e2155d7f9edcf67af3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
3V3caLknPilc6eksqjdBrR6EmtyYd-unbCt59v9L2mHvL4Abx8LIjQ==
.deploy_status_henson.json
js.stripe.com/v3/ Frame BA52
474 B
865 B
Fetch
General
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
68ea24e6ad53c32ef05f980d17b79f0b2700fc77803fad67294ea48dca01e6a4

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-e361d5ac800a58205e3d1523c46041fd.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 16 May 2023 13:03:10 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified
Mon, 15 May 2023 20:32:59 GMT
server
Cloudfront
x-amz-cf-pop
FRA6-C1
age
50
etag
"1fc42bafb56e74e2155d7f9edcf67af3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
tU0oXSEpPwTSWXyMNjx6ktAbO0ZxpQBL9MHk4ban9IRrPbkb9C61Ug==
csp-report
q.stripe.com/ Frame 9815
0
716 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684242239305326
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1684242239304806
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 9815
0
716 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684242239305219
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1684242239304861
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
EBUidCache.js
secure-ds.serving-sys.com/BurstingCachedScripts/UserProviders_1_19_0_0/
4 KB
2 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/UserProviders_1_19_0_0/EBUidCache.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
09ca844c4405783d99a57e07afe98a239da517a20945ba9e6fd52e7fd83515f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
content-encoding
gzip
x-amz-request-id
1DBA3NN9V8EXGNEV
x-amz-cf-pop
EWR52-C1
x-amz-server-side-encryption
AES256
content-length
1343
x-amz-id-2
u/K/qRn/6le9II0JwWCLv+c5IFta8YkEIZA0sURWUSuykT4VsNF1rVvWTXxIRk1LD+3V3U25yaQ=
last-modified
Wed, 29 Mar 2023 13:06:19 GMT
server
AmazonS3
etag
"b505fca91017d0fdf6a9b0622757dee3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=558823
accept-ranges
bytes
x-amz-cf-id
7cSJVPPnpwrJrGHiLISQPc2GVY4NqprEEGEZbtenJnCRzx7ErQj1BA==
6
m.stripe.com/ Frame 1922
156 B
670 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.89.68.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-68-105.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9168c769182b5cf1546793724579fa27cdc37663f5e91abcc24a7877230eedbf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684242239749247
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1684242239748736
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/827406829/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827406829/?random=1684242239281&cv=11&fst=1684242239281&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&label=pQ-wCLfl3IgBEO3zxIoD&hn=www.googleadservices.com&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&auid=1357866923.1684242238&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
879c70f239bc0e953b28884b6d243a94ea4b691ca32765cf4766dfb5301c017f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1388
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/980170053/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/980170053/?random=1684242239286&cv=11&fst=1684242239286&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&label=x8c1CMjokmsQxeqw0wM&hn=www.googleadservices.com&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&value=0&bttype=purchase&auid=1357866923.1684242238&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
3addcab0381036d045c715d6b2a3de78c6952c2d0f995edd12f5377362854d5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1630
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tealium_collect.min.js
tags.tiqcdn.com/libs/tealiumjs/latest/
29 KB
11 KB
Script
General
Full URL
https://tags.tiqcdn.com/libs/tealiumjs/latest/tealium_collect.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3de8cfadcd96ac84bdf4981517cec0a39b7aa793fb5dab6c4b035aa2f867c619

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:00:23 GMT
content-encoding
br
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 16:24:11 GMT
server
AkamaiNetStorage
x-amz-cf-pop
FRA56-P4
age
218
etag
W/"eab14d7208ffce32dad8dac3b47df4cb:1658334251.553043"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
s4CBpg5B4FO-7l8Us8ky0MZpnLcKBoc2gsPgya7O85d2HQXH_nWSjA==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/982322407/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982322407/?random=1684242239317&cv=11&fst=1684242239317&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&hn=www.googleadservices.com&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&auid=1357866923.1684242238&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cef013987a68a8dd57445801900c36a8b70a945e9b7fdcd15c8a9e0574ab3d98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/590708955/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/590708955/?random=1684242239318&cv=11&fst=1684242239318&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&hn=www.googleadservices.com&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&auid=1357866923.1684242238&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae9eae61cb8f7317dad50a5fae22c904092500c3499d143c825cf1e8c399173b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/982651947/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982651947/?random=1684242239320&cv=11&fst=1684242239320&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&hn=www.googleadservices.com&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&auid=1357866923.1684242238&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5be969601983b78ca269a211aa027420d2cd2e61830e60d5ed87c62c008c6c70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1227
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/590768768/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/590768768/?random=1684242239321&cv=11&fst=1684242239321&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&hn=www.googleadservices.com&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&auid=1357866923.1684242238&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b5e31ffbecf545078763618348e9329d0cfcee6e1cf341ed4e93860639b330e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/943988265/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/943988265/?random=1684242239323&cv=11&fst=1684242239323&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&label=OzLNCPWbgfwBEKm8kMID&hn=www.googleadservices.com&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&auid=1357866923.1684242238&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34285d15d70adf09cc7213f6d7ad04671655b4a251b806ecec1d810444123286
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1276
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ActivityServer.bs
bs.serving-sys.com/Serving/
1 KB
1 KB
Script
General
Full URL
https://bs.serving-sys.com/Serving/ActivityServer.bs?cn=as&ActivityID=485783&rnd=824201.3382613357
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.242.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-242-12.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b244bae75dedd90e86fc05bbc78b265ce610b81841f735aedf382ee004198d36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
589
expires
Sun, 05-Jun-2005 22:00:00 GMT
quant.js
secure.quantserve.com/
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 23 May 2023 13:03:59 GMT
44762
cdn.bttrack.com/universal/
3 KB
3 KB
Script
General
Full URL
https://cdn.bttrack.com/universal/44762
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
940a598b825319f37bbdcc03e3ee10a32a5f2f90d76a2c59d7db83e31a511799

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 13:03:59 GMT
Cache-Control
max-age=753
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2708
X-HW
1684242239.dop216.fr8.t,1684242239.cds242.fr8.shn,1684242239.dop216.fr8.t,1684242239.cds343.fr8.c
Content-Type
application/javascript; charset=utf-8
events.js
analytics.tiktok.com/i18n/pixel/
4 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CA37NVJC77U7GNSUJLA0&lib=ttq
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
74cbf4309493b22a2c6fc01d945c6d5be1dbdaaf2415af28b8da3d52d8b89f9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-request-id
1ca60c91.c71590a
date
Tue, 16 May 2023 13:03:59 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-62-213-84.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
x-parent-response-time
93,23.62.213.84
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=5, inner; dur=1
content-length
1443
pragma
no-cache
server
nginx
x-tt-logid
202305161303594E71EB1E6522A6AFBE6C
x-cache-remote
TCP_MISS from a23-220-104-210.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.220.104.210
x-tt-trace-host
013639f38019084264c9da60332244b87b6624336233da3b8e0df21950c01b59e7206652223d52675f5baf3f94c370d8749d0c3f3d91df915b71b8e7d15eb6281f05b15c6af53a50d23ce83ea9b4c92c1ccf3870500db1b754d278fb567f58458000da9a3dd23725b4841eb63d8ce1de40
expires
Tue, 16 May 2023 13:03:59 GMT
sync
live.rezync.com/
2 KB
3 KB
Script
General
Full URL
https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=45488542c379a568cc7a47157fbaba2c&k=salvation-army-pixel-3674&zmpID=salvation-army&cache_buster=1645187189
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-64.fra56.r.cloudfront.net
Software
lighttpd/1.4.59 /
Resource Hash
1e25832361784f23173bc85ae9abd89d1bb5a899d2d5e45640efdc2a15e51b4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
server
lighttpd/1.4.59
x-amz-cf-pop
FRA56-C1
vary
Cookie
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
2230
x-amz-cf-id
wXivRkTY3B70a00H_m_IpPK5WxW_oUI4RfmGwwK9sYQSnwt96bI3hw==
container.js
tags.wdsvc.net/
Redirect Chain
  • https://tags.wdsvc.net/controller.js?id=100423
  • https://tags.wdsvc.net/container.js?id=100423&v=4.10&t=1684242239707
27 KB
27 KB
Script
General
Full URL
https://tags.wdsvc.net/container.js?id=100423&v=4.10&t=1684242239707
Protocol
HTTP/1.1
Server
54.237.159.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-159-253.compute-1.amazonaws.com
Software
/
Resource Hash
101c28370affa64f4b2c1170e1c88a4e41c85cc46eb3ec94e9460ee3f3ef3f17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2023 13:03:59 GMT
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
27415
Expires
Mon, 3 Jan 2005 13:00:00 GMT

Redirect headers

location
https://tags.wdsvc.net/container.js?id=100423&v=4.10&t=1684242239707
Date
Tue, 16 May 2023 13:03:59 GMT
Cache-Control
private, no-cache
Connection
keep-alive
Keep-Alive
timeout=5
Transfer-Encoding
chunked
js
www.googletagmanager.com/gtag/
220 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MQT5L6XZLK&l=dataLayer&cx=c
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
977e62d1ff2593e20f9e9d8efd3d7315c9c978f781f61b832646f4d4a7d7da11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79530
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 May 2023 13:03:59 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=436853349&t=pageview&_s=1&dl=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23utm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly&ul=en-us&de=UTF-8&dt=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=2042295547.1684242237&tid=UA-51388709-1&_gid=1183226392.1684242237&gtm=45He35a0n81PMXWH57&cd3=DONATE%3AUSS&z=2089015123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 04:21:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31360
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
impression
b.videoamp.com/d2/a318dba2-27b2-11ec-bb7e-4189d3b56416/2380/
42 B
312 B
Image
General
Full URL
https://b.videoamp.com/d2/a318dba2-27b2-11ec-bb7e-4189d3b56416/2380/impression?dnt=false&vpxid=2380&bwb=35&us_privacy=&gtmcb=2039567494
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.105.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-105-58.compute-1.amazonaws.com
Software
Beacon Server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 16 May 2023 13:03:59 GMT
access-control-allow-credentials
true
server
Beacon Server
access-control-allow-headers
Content-Type
content-length
42
content-type
image/gif
1023
bttrack.com/Pixel/Retarget/
0
0
Image
General
Full URL
https://bttrack.com/Pixel/Retarget/1023
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

/
insight.adsrvr.org/track/pxl/
70 B
261 B
Image
General
Full URL
https://insight.adsrvr.org/track/pxl/?adv=9vus3v7&ct=0:95naoge&fmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
TC-5193-1.gif
pt.ispot.tv/v2/
43 B
314 B
Image
General
Full URL
https://pt.ispot.tv/v2/TC-5193-1.gif?app=web&type=donation_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
43
expires
0
p-d5N1L76OG6H12.gif
cms.quantserve.com/pixel/
35 B
372 B
Image
General
Full URL
https://cms.quantserve.com/pixel/p-d5N1L76OG6H12.gif?idmatch=0&partner_user_id=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
h
heapanalytics.com/
37 B
260 B
Image
General
Full URL
https://heapanalytics.com/h?a=1566116007&u=2272628687846614&v=8444489051556431&s=5855787722955954&b=web&tv=4.0&sp=z&sp=0&sp=ts&sp=1684242238708&sp=d&sp=give.virginiasalvationarmy.org&sp=h&sp=%2Fgive%2F485836%2F&sp=t&sp=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&pp=d&pp=give.virginiasalvationarmy.org&pp=h&pp=%2Fgive%2F485836%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&pp=t&pp=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&pp=ts&pp=1684242238708&id0=5897493445838907&k0=page&k0=%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&k0=title&k0=Donation%20Page&k0=userAgent&k0=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.92%20Safari%2F537.36&k0=event_id&k0=1684242239.817612849686&k0=environment&k0=prod&k0=is_public&k0=true&t0=Page%20View&ts0=1684242239343&st=1684242239344
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.234.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-234-9.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=396587788416378&ev=ViewContent&dl=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&rl=&if=false&ts=1684242239345&cd[content_name]=Donation%20Page&cd[content_url]=%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&sw=1600&sh=1200&v=2.9.104&r=stable&ec=2&o=30&fbp=fb.1.1684242238969.1723207775&it=1684242238554&coo=false&eid=1684242239.817612849686&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 16 May 2023 13:03:59 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
csp-report
q.stripe.com/ Frame 09BA
0
716 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684242239466944
x-envoy-upstream-service-time
0
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1684242239466613
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 09BA
0
716 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684242239468135
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1684242239467786
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
67fe2a1b26
bam.nr-data.net/1/
49 B
532 B
Script
General
Full URL
https://bam.nr-data.net/1/67fe2a1b26?a=363721230&v=1.232.0&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=4846&ck=0&s=48ee642e8be89cb0&ref=https://give.virginiasalvationarmy.org/give/485836/&ap=217.465046&be=1535&fe=723&dc=494&tt=0a947a73738d8d0d&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1684242234517,%22n%22:0,%22f%22:717,%22dn%22:731,%22dne%22:796,%22c%22:796,%22s%22:814,%22ce%22:843,%22rq%22:843,%22rp%22:1535,%22rpe%22:1711,%22di%22:1978,%22ds%22:2029,%22de%22:2029,%22dc%22:2225,%22l%22:2225,%22le%22:2257%7D,%22navigation%22:%7B%7D%7D&fp=3502&fcp=3502&jsonp=NREUM.setToken
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 13:03:59 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
7c83d2edd9ac928d-FRA
wallet-config
merchant-ui-api.stripe.com/elements/ Frame 37F9
1 KB
2 KB
Fetch
General
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.30.58.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-58-64.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4ecf8ab7ae16606355626664cfc6ea43abe8cb869bda2cc1accb5b5a530e0dd0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684242239577732
content-length
1156
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST, HEAD, OPTIONS, DELETE
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
66
access-control-expose-headers
Request-Id, Stripe-Manage-Version, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-stripe-client-envoy-start-time-us
1684242239576807
timing-allow-origin
https://js.stripe.com
x-robots-tag
none
expires
0
csp-report
q.stripe.com/ Frame 8C98
0
716 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684242239489577
x-envoy-upstream-service-time
4
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1684242239488315
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 8C98
0
716 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684242239490634
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1684242239488386
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
wallet-config
merchant-ui-api.stripe.com/elements/ Frame BA52
1 KB
2 KB
Fetch
General
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.30.58.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-58-64.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e1a9c23d69a88fcd0a963a54a877b7a872204ec394637f8ddaa2fa7137a3b485
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684242239580855
content-length
1156
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST, HEAD, OPTIONS, DELETE
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
73
access-control-expose-headers
Request-Id, Stripe-Manage-Version, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-stripe-client-envoy-start-time-us
1684242239579762
timing-allow-origin
https://js.stripe.com
x-robots-tag
none
expires
0
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=436853349&t=pageview&_s=8&dl=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23utm_campaign%3Dsmg_monthly%26utm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood&dp=%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAACACI~&jid=&gjid=&cid=2042295547.1684242237&tid=UA-3837893-1&_gid=1183226392.1684242237&cd1=50872&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=485836&cd6=campaign&cd11=recurring%20optimization&z=2005337625
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 04:21:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31360
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=436853349&t=pageview&_s=2&dl=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23utm_campaign%3Dsmg_monthly%26utm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood&dp=%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAACACI~&jid=&gjid=&cid=2042295547.1684242237&tid=UA-147453400-1&_gid=1183226392.1684242237&z=537508377
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 04:21:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31360
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
payframe
pay.google.com/gp/p/ui/ Frame 21FD
18 KB
8 KB
Document
General
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f3c0bd2863093f223813795642fd0828ea5a4521079051a0d7a66c0459d01e19
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wVIgGh6e_E__AbEn1HKYcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-wVIgGh6e_E__AbEn1HKYcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 16 May 2023 13:03:59 GMT
expires
Tue, 16 May 2023 13:03:59 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
Serving
bs.serving-sys.com/
497 B
493 B
Script
General
Full URL
https://bs.serving-sys.com/Serving?EBUI.js&cn=cu
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.242.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-242-12.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
75a8e65d4d104407c75b0bb533e09d3ff851e7f91c6d9398a846bd86397d3507

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 13:03:00 GMT
server
Microsoft-IIS/10.0
etag
"a6985b37c65dcd1:0"
x-powered-by
ASP.NET
content-type
application/x-javascript
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
private, max-age=3600
content-length
227
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239664094
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239663623
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239664224
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239663728
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239663285
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239662975
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239663561
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239662932
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239663608
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239662828
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239663473
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239662917
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239663737
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239662995
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239684956
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239684302
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239684962
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239684217
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239664093
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239663793
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239664045
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1684242239663505
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239664039
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239663571
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239663079
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239662656
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239663403
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239662755
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239664000
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239663676
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239662863
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239662598
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239616058
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239615384
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239685240
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1684242239684435
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239685082
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239684408
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239685195
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239684571
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239685208
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239684499
access-control-allow-credentials
true
content-length
0
payframe
pay.google.com/gp/p/ui/ Frame 6A60
18 KB
8 KB
Document
General
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c74349191adf8b98c247533cb3258eb288d2b9be6108fbf2148da6b125750d51
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-oRt6h-956PMyhhCBBiTWQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-oRt6h-956PMyhhCBBiTWQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 16 May 2023 13:03:59 GMT
expires
Tue, 16 May 2023 13:03:59 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
s8821330755906
thesalvationarmy.sc.omtrdc.net/b/ss/tsa.global/10/JS-2.20.0/
3 KB
3 KB
Script
General
Full URL
https://thesalvationarmy.sc.omtrdc.net/b/ss/tsa.global/10/JS-2.20.0/s8821330755906?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=16%2F4%2F2023%2013%3A3%3A59%202%200&d.&nsid=0&jsonv=1&.d&sdid=7031817DD3A335E9-3BECF55A4E0F293E&mid=67111628085554199973766532008755219628&aamlh=6&ce=UTF-8&pageName=DONATE%3AUSS%7C485836%7CCampaign%20Donate&g=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23%21%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&cc=USD&ch=Donate&events=event5&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&v1=DONATE%3AUSS%7C485836%7CCampaign%20Donate&c2=give.virginiasalvationarmy.org&c3=DONATE%3AUSS&v5=Doing%20the%20Most%20Good%2023%20National%20Capital%20AC%3A485836&c6=31&c9=VisitorAPI%20Present&c12=D%3Dmid&c15=donation&c16=D%3Dv31&c18=D%3Dv64&c19=frsDonationWelcomeCtrl&v21=false&v24=email%3Acc%3Asmg_monthly%3Amay_mostgood%3Anull&v30=Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&v33=D%3Dmid&v64=D%3Dg&v66=undefined&v68=50872&v73=23DMEEMORGCSD23NCA%20%7C%20email&v78=D%3Dr&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=20A0289659302A7E0A495D28%40AdobeOrg&AQE=1
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.160 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-160.data.adobedc.net
Software
jag /
Resource Hash
9fe3f2c3dbccdda9252a07fd042043e0a0e1bf504233e52ed0ee56b12d7dec24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-aam-tid
OQLUkbPKSN8=
date
Tue, 16 May 2023 13:03:59 GMT
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
3351
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-2-v048-04d6aa4f0.edge-irl1.demdex.com 3 ms
pragma
no-cache
last-modified
Wed, 17 May 2023 13:03:59 GMT
server
jag
etag
3616882668638797824-4619329177444991011
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 15 May 2023 13:03:59 GMT
csp-report
q.stripe.com/ Frame 21FD
0
0

csp-report
q.stripe.com/ Frame 21FD
0
0

csp-report
q.stripe.com/ Frame 6A60
0
0

csp-report
q.stripe.com/ Frame 6A60
0
0

/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=396587788416378&ev=Microdata&dl=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&rl=&if=false&ts=1684242239585&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Classy%22%2C%22og%3Atype%22%3A%22website%22%2C%22twitter%3Acard%22%3A%22summary%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.classy.org%2F10110876%2F95b04d70-e2cf-11ed-8883-0ab7aaa9b05d.png%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fassets.classy.org%2F10110876%2F95b04d70-e2cf-11ed-8883-0ab7aaa9b05d.png%22%2C%22og%3Atitle%22%3A%22Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC%22%2C%22twitter%3Atitle%22%3A%22Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=3&o=30&fbp=fb.1.1684242238969.1723207775&it=1684242238554&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 16 May 2023 13:03:59 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
ibs:dpid=470&dpuuid=8332250742818868887
dpm.demdex.net/ Frame 8284
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=8332250742818868887
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8332250742818868887
Protocol
HTTP/1.1
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-0336a4b02.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
DvVgpetbTvk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8332250742818868887
pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
www.google.com/pagead/1p-user-list/590708955/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/590708955/?random=1684242239318&cv=11&fst=1684242000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&fmt=3&is_vtc=1&random=357726795&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/590708955/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/590708955/?random=1684242239318&cv=11&fst=1684242000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&fmt=3&is_vtc=1&random=357726795&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/943988265/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/943988265/?random=1684242239323&cv=11&fst=1684242000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&label=OzLNCPWbgfwBEKm8kMID&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&fmt=3&is_vtc=1&random=1484233106&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/943988265/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/943988265/?random=1684242239323&cv=11&fst=1684242000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&label=OzLNCPWbgfwBEKm8kMID&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&fmt=3&is_vtc=1&random=1484233106&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/827406829/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/827406829/?random=1684242239281&cv=11&fst=1684242000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&label=pQ-wCLfl3IgBEO3zxIoD&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&fmt=3&is_vtc=1&random=1078080193&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/827406829/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/827406829/?random=1684242239281&cv=11&fst=1684242000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&label=pQ-wCLfl3IgBEO3zxIoD&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&fmt=3&is_vtc=1&random=1078080193&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/980170053/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/980170053/?random=1631660222&cv=11&fst=1684242239286&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive...
  • https://www.google.com/pagead/1p-conversion/980170053/?random=1631660222&cv=11&fst=1684242239286&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarm...
  • https://www.google.de/pagead/1p-conversion/980170053/?random=1631660222&cv=11&fst=1684242239286&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/980170053/?random=1631660222&cv=11&fst=1684242239286&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&label=x8c1CMjokmsQxeqw0wM&hn=www.googleadservices.com&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&value=0&auid=1357866923.1684242238&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5PTW93WVFoclNaaEtpTzlic3NFaVlBbm5PQWwycGlCWTBiRG9wOXZ6N1FCUEV5bjZ2R3d2UHhpZWtlYmR6dHRrMm5DT0pYaUEaWkNoRUk4Tk9Nb3dZUXdfYWluc25qdnRMQ0FSSXVBRDRvOGpOZHhXWGMxRS1ZV3l3VmtldjdOY2hZWVctbVkyTzhJbkNvVzc0YzVsR2c2cE9iOGZvRkphUTVEUQ&is_vtc=1&ocp_id=P39jZKLSFvKKmLAPzfSZwA8&cid=CAQSKQBygQiDX3HR6gankLEyuR2CVGdq06YjI_QJ3VyoNUE6J99K_jK1GDFe&eitems=ChAI8NOMowYQ7Yme_4qq3ecgEh0AAVRQQKLXYgm5-smXK13M44aq-RlRUR8aL-B5lQ&random=2552232853&ipr=y&ezwbk=AZuM4hAb3GRi-z9R3N1HCTrnsKl4AqmVAjaPKtuqb18cjTw4eY1XkZq1l84yUcu_FdpXSD3h13i4uSWtsWLHQHzuD0sp
Protocol
H3
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/980170053/?random=1631660222&cv=11&fst=1684242239286&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&label=x8c1CMjokmsQxeqw0wM&hn=www.googleadservices.com&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&value=0&auid=1357866923.1684242238&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5PTW93WVFoclNaaEtpTzlic3NFaVlBbm5PQWwycGlCWTBiRG9wOXZ6N1FCUEV5bjZ2R3d2UHhpZWtlYmR6dHRrMm5DT0pYaUEaWkNoRUk4Tk9Nb3dZUXdfYWluc25qdnRMQ0FSSXVBRDRvOGpOZHhXWGMxRS1ZV3l3VmtldjdOY2hZWVctbVkyTzhJbkNvVzc0YzVsR2c2cE9iOGZvRkphUTVEUQ&is_vtc=1&ocp_id=P39jZKLSFvKKmLAPzfSZwA8&cid=CAQSKQBygQiDX3HR6gankLEyuR2CVGdq06YjI_QJ3VyoNUE6J99K_jK1GDFe&eitems=ChAI8NOMowYQ7Yme_4qq3ecgEh0AAVRQQKLXYgm5-smXK13M44aq-RlRUR8aL-B5lQ&random=2552232853&ipr=y&ezwbk=AZuM4hAb3GRi-z9R3N1HCTrnsKl4AqmVAjaPKtuqb18cjTw4eY1XkZq1l84yUcu_FdpXSD3h13i4uSWtsWLHQHzuD0sp
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/982322407/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/982322407/?random=1684242239317&cv=11&fst=1684242000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&fmt=3&is_vtc=1&random=2445903276&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/982322407/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/982322407/?random=1684242239317&cv=11&fst=1684242000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&fmt=3&is_vtc=1&random=2445903276&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/982651947/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/982651947/?random=1684242239320&cv=11&fst=1684242000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&fmt=3&is_vtc=1&random=3556582734&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/982651947/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/982651947/?random=1684242239320&cv=11&fst=1684242000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&fmt=3&is_vtc=1&random=3556582734&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/590768768/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/590768768/?random=1684242239321&cv=11&fst=1684242000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&fmt=3&is_vtc=1&random=2131038327&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/590768768/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/590768768/?random=1684242239321&cv=11&fst=1684242000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&frm=0&tiba=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&fmt=3&is_vtc=1&random=2131038327&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t.tealium_collect.1_0_3.js
tags.tiqcdn.com/shared/tms/
3 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/shared/tms/t.tealium_collect.1_0_3.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e5a8709a1c978bbdee2606a42b713586496c904986d0cbbfbfdd6e82cb35abf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 12:59:11 GMT
content-encoding
br
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
last-modified
Wed, 29 Jun 2022 13:13:30 GMT
server
AkamaiNetStorage
x-amz-cf-pop
FRA56-P4
age
293
etag
W/"07cdf83c63e7e3c092d9bede300ece10:1656508410.841334"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
534CQT2oKZaML2plzCtlk_MaT9Z7-DKLliO2SspU5pjbdIPo3w6PyA==
collect
region1.google-analytics.com/g/
0
264 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MQT5L6XZLK&gtm=45je35a0&_p=436853349&cid=2042295547.1684242237&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684242239&sct=1&seg=0&dl=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F&dt=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MQT5L6XZLK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.virginiasalvationarmy.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239810499
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239810098
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239811434
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239810819
access-control-allow-credentials
true
content-length
0
rules-p-d5N1L76OG6H12.js
rules.quantcount.com/
5 KB
2 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-d5N1L76OG6H12.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c4c0a8864a3bc814420c6c0741377c9d0b4b62018c150a4195c358a396b078bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
content-encoding
gzip
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 14 Oct 2022 06:42:28 GMT
server
AmazonS3
etag
W/"80926dd49a943d0b078557013afe358f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
8C0sgpQajQhqIP2IomxG9q--lSR15plhxRTGOsBQsdh24Z8T8866oQ==
adServer.bs
bs.serving-sys.com/Serving/
1 KB
1 KB
Script
General
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?secCall=1&sessionid=1075630531674976983&cn=as&ActivityID=550371&rnd=108364.59509139296&UniqueDonorID=undefined&ZipCode=undefined&NewDonor=[NewDonor]&Revenue=undefined&Territory=[Territory]&cuid=8a81c924-42e5-463e-987a-f23ee644a428
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.242.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-242-12.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f836a0d4e328e71d6c818a8e5f25b4398d17f4b78610bb263a490c9cbb407748

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
541
expires
Sun, 05-Jun-2005 22:00:00 GMT
0
r.stripe.com/ Frame BA52
0
273 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239819112
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239818855
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239819693
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239819233
access-control-allow-credentials
true
content-length
0
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 21FD
2 KB
2 KB
Other
General
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/r... Frame 21FD
157 KB
56 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00dbaf0d53cb5a0b65429b7a4329850d40e15e3af9befb09023460eec5d6db70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 16:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56673
x-xss-protection
0
last-modified
Sat, 13 May 2023 00:25:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 May 2024 16:16:57 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 6A60
2 KB
2 KB
Other
General
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/r... Frame 6A60
157 KB
55 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00dbaf0d53cb5a0b65429b7a4329850d40e15e3af9befb09023460eec5d6db70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 16:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56673
x-xss-protection
0
last-modified
Sat, 13 May 2023 00:25:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 May 2024 16:16:57 GMT
ibs:dpid=1175&&dpuuid=FBmIARVLjVQPGtgAGxyTChRP2wQPTNwDFRhqIUvg
dpm.demdex.net/ Frame 8284
Redirect Chain
  • https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=FBmIARVLjVQPGtgAGxyTChRP2wQPTNwDFRhqIUvg
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=FBmIARVLjVQPGtgAGxyTChRP2wQPTNwDFRhqIUvg
Protocol
HTTP/1.1
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-0a4f9e13f.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
1yINjamXTtQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=FBmIARVLjVQPGtgAGxyTChRP2wQPTNwDFRhqIUvg
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
main.MWI2MzlmMWJmMA.js
analytics.tiktok.com/i18n/pixel/static/
242 KB
68 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-request-id
c715a36
date
Tue, 16 May 2023 13:03:59 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023050811311529A214C240AF7F893750
vary
Accept-Encoding
x-cache
TCP_HIT from a23-62-213-84.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018b8bdf543b9f1a8625110ba934082da36615720c8bb9b24a12cfe02720e8a1b5ed17f535cf55291a84bf62a6a5efe6f7f8a723f21ad93bad57a95944724be96d595f33aee4782340ed4f9fcfad646c8eb1906c7cc578943a6218fc9cbe3d4da0
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=11
content-length
68801
tc.min.js
c1.rfihub.net/js/
19 KB
6 KB
Script
General
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9c00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 12:29:16 GMT
content-encoding
gzip
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
last-modified
Tue, 16 May 2023 12:29:06 GMT
server
Jetty(9.4.51.v20230217)
x-amz-cf-pop
FRA53-C1
age
2084
x-cache
Hit from cloudfront
content-type
application/x-javascript
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
public, max-age=3600
content-length
6162
x-amz-cf-id
BWRXPyZ_irLAoE7ciMtrXhmQY5k-RBG4jQ4F70bYJERQ6UMWHkhMbg==
expires
Tue, 16 May 2023 13:29:16 GMT
p13n.min.js
cdn.boomtrain.com/p13n/salvation-army/
92 KB
30 KB
Script
General
Full URL
https://cdn.boomtrain.com/p13n/salvation-army/p13n.min.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58657e4989034ddfc151c4ecdfe8743cba8a1fbc5e6853728de7b22982d57567

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
e2pNnPosKKVdFV52KyHnOKdeQkJgLUVb
Content-Encoding
gzip
Via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
Date
Tue, 16 May 2023 12:17:50 GMT
X-Amz-Cf-Pop
FRA60-P2
Age
2771
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 04 May 2023 11:30:47 GMT
Server
AmazonS3
ETag
W/"ac88d03ee71836fcc975f903655e13be"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
aF-zhmvtrgxRJ18bZ60SGhn7PtSzTSaqkgw63-q1s1QeHrrvC6JPVQ==
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=31205707&t=1&cb=1684242239.565541
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31205707%26t%3D1%26cb%3D1684242239.565541
0
1 KB
Script
General
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31205707%26t%3D1%26cb%3D1684242239.565541
Protocol
HTTP/1.1
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2023 13:03:59 GMT
AN-X-Request-Uuid
fd3c16f1-9637-4c2e-8404-a2bbe5dfb42b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date
Tue, 16 May 2023 13:03:59 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
125c912e-ccda-4866-b651-fc056001ef70
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31205707%26t%3D1%26cb%3D1684242239.565541
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.gif
collect.tealiumiq.com/salvationarmy/sal-donate/2/
43 B
780 B
XHR
General
Full URL
https://collect.tealiumiq.com/salvationarmy/sal-donate/2/i.gif
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.98.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-98-69.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryYupZMWBR4Qp3GNTF

Response headers

date
Tue, 16 May 2023 13:04:00 GMT
x-serverid
uconnect_i-0f6d6b30e4eb1a2c7
x-tid
418824a9109686104476281343412317396be6b5af0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
salvationarmy:sal-donate:2:datacloud
x-region
eu-central-1
content-length
43
pragma
no-cache
x-did
418824a9109686104476281343412317396be6b5af0
vary
Origin
content-type
image/gif
access-control-allow-origin
https://give.virginiasalvationarmy.org
x-ulver
e246a8c2c85d4b36676777ec50dd10e7f12686ed-SNAPSHOT
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-uuid
49f5da2b-f10a-410d-8747-9e0cf75dde1d
expires
Tue, 16 May 2023 13:04:00 GMT
/
www.google.de/pagead/1p-user-list/827406829/ Frame 8284
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827406829/?value=0&guid=ON&script=0&data=aam=19679484
  • https://www.google.com/pagead/1p-user-list/827406829/?value=0&guid=ON&script=0&data=aam=19679484&is_vtc=1&random=2381495168
  • https://www.google.de/pagead/1p-user-list/827406829/?value=0&guid=ON&script=0&data=aam=19679484&is_vtc=1&random=2381495168&ipr=y
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/827406829/?value=0&guid=ON&script=0&data=aam=19679484&is_vtc=1&random=2381495168&ipr=y
Protocol
H3
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:04:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 May 2023 13:03:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-user-list/827406829/?value=0&guid=ON&script=0&data=aam=19679484&is_vtc=1&random=2381495168&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239882207
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239881764
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239890410
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239889907
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239902033
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239901446
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239902239
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239901558
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239901989
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1684242239901563
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239901986
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239901641
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239904487
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239904045
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239910914
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239910156
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239915308
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239914695
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:03:59 GMT
x-stripe-server-envoy-start-time-us
1684242239915953
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242239915104
access-control-allow-credentials
true
content-length
0
d1a4d701-2ca2-487c-9b90-59558395eb44
sync.transcend.io/consent-manager/ Frame F5D4
405 B
851 B
Document
General
Full URL
https://sync.transcend.io/consent-manager/d1a4d701-2ca2-487c-9b90-59558395eb44
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6c00:a:de49:b100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8f71ce955efc4f94ec112be0a9e33c33667544ddadf1ae4f7321d2678781a22

Request headers

Referer
https://give.virginiasalvationarmy.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
35426
content-disposition
inline
content-length
405
content-type
application/xhtml+xml
date
Tue, 16 May 2023 03:13:35 GMT
etag
"b919b7e3899f6bffbd1e6a54bf7a0a6f-1"
last-modified
Fri, 12 May 2023 20:38:25 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
x-amz-cf-id
tm1wOQaaRRSiKAeyrG13WFuxb_uF6N35MjviyUUw040h8MaRqoJNoQ==
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
O.E22pfHA4cq9xbUP1wAjffsBP94UJMN
x-cache
Hit from cloudfront
identify_738b3.js
analytics.tiktok.com/i18n/pixel/static/
114 KB
31 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_738b3.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-request-id
c715ab0
date
Tue, 16 May 2023 13:03:59 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230508113115E55380AB738DC18470C0
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-62-213-84.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0178724a9630ce257de125c187e81ed16bb365181cb0f518619b832879a5d182163e26c1942214f8bbff51a28cfa89b7dce733aecb7b441b6b573871eb9423f5e61e7a47022fca6d0067139e4a7d0f585b46d337b381e3feb341a45605cb22a9d7
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=13
content-length
30825
pixel
analytics.tiktok.com/api/v2/
0
553 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:04:00 GMT
x-akamai-request-id
c715b2a
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
2023051613035911FBD5A18F7779E5A49F
x-cache
TCP_MISS from a23-62-213-84.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
113,23.62.213.84
x-tt-trace-host
013639f38019084264c9da60332244b87b25aa512a891944450df37dfbabd43640c63511fb09995926f5d8ced7574ceab94982a9f437b7c84ff0989e6131fc888c8066cfd5fd8ec7c0fd210c52f30c7619dd740b17fba3a6d0bc14df20d448dfa1
server-timing
inner; dur=25, cdn-cache; desc=MISS, edge; dur=6, origin; dur=112
content-length
0
expires
Tue, 16 May 2023 13:04:00 GMT
serving
bs.serving-sys.com/ Frame 8284
0
104 B
Image
General
Full URL
https://bs.serving-sys.com/serving?cn=um&dpid=1&euuid=67672215586099229203786893713116184217&redir=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.242.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-242-12.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
0
p3p
CP="NOI DEVa OUR BUS UNI"
m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TTx... Frame 21FD
70 KB
26 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TTxVX7ZgvVk.L.B1.O/am=wLEBQA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh6l4JWABaJ1EK8i2poYOLOybUzBA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eb9c4071afe20a4b212f8eec45749821568a2281b15b04fc518eba6c2ab4d3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 16:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26083
x-xss-protection
0
last-modified
Fri, 12 May 2023 18:27:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 May 2024 16:16:57 GMT
m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TTx... Frame 6A60
70 KB
25 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TTxVX7ZgvVk.L.B1.O/am=wLEBQA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh6l4JWABaJ1EK8i2poYOLOybUzBA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eb9c4071afe20a4b212f8eec45749821568a2281b15b04fc518eba6c2ab4d3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 16:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74823
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26083
x-xss-protection
0
last-modified
Fri, 12 May 2023 18:27:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 May 2024 16:16:57 GMT
ibs:dpid=30646
dpm.demdex.net/ Frame 8284
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=67672215586099229203786893713116184217&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=
42 B
960 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=
Protocol
HTTP/1.1
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-097ddbfc8.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
m52My5xoSbE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
300,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Tue, 16 May 2023 13:04:00 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
content-type
text/html;charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=
content-length
0
/
tags.wdsvc.net/tpc-eval/
21 B
284 B
Script
General
Full URL
https://tags.wdsvc.net/tpc-eval/?lid=18824a91152-tags7-40e7d88952df4
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.237.159.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-159-253.compute-1.amazonaws.com
Software
/
Resource Hash
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2023 13:04:00 GMT
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
21
Expires
Mon, 3 Jan 2005 13:00:00 GMT
67fe2a1b26
bam.nr-data.net/events/1/
24 B
418 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/67fe2a1b26?a=363721230&v=1.232.0&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=5555&ck=0&s=48ee642e8be89cb0&ref=https://give.virginiasalvationarmy.org/give/485836/
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 16 May 2023 13:04:00 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://give.virginiasalvationarmy.org
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7c83d2f08c90928d-FRA
Content-Length
24
user
bttrack.com/dmp/adobe/ Frame 8284
35 B
74 B
Image
General
Full URL
https://bttrack.com/dmp/adobe/user?dd_uuid=67672215586099229203786893713116184217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-servername
Track002-iad
pragma
no-cache
date
Tue, 16 May 2023 13:03:19 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
pixel
cm.g.doubleclick.net/ Frame 8284
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkdOLVB3QUFBR0JJblFObg==
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkdOLVB3QUFBR0JJblFObg==
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:04:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230124-FRA
pragma
no-cache
date
Tue, 16 May 2023 13:04:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684242240.294046,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkdOLVB3QUFBR0JJblFObg==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel;r=2038024998;labels=_fp.event.Default;rf=0;a=p-d5N1L76OG6H12;url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3D...
pixel.quantserve.com/
35 B
210 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=2038024998;labels=_fp.event.Default;rf=0;a=p-d5N1L76OG6H12;url=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail;uht=2;fpan=1;fpa=P0-404700755-1684242239705;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=virginiasalvationarmy.org;dst=0;et=1684242240279;tzo=0;ogl=site_name.Classy%2Ctype.website%2Curl.https%3A%2F%2Fgive%252Evirginiasalvationarmy%252Eorg%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_sour%2Cimage.https%3A%2F%2Fassets%252Eclassy%252Eorg%2F10110876%2F95b04d70-e2cf-11ed-8883-0ab7aaa9b05d%252Epng%2Ctitle.Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC;ses=67eaf12b-5cac-422a-bf3f-19a832c52142;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 16 May 2023 13:04:00 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8284
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZGN-PwAAAGBInQNn&expires=90
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZGN-PwAAAGBInQNn&expires=90
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-fra-eddf8230124-FRA
pragma
no-cache
date
Tue, 16 May 2023 13:04:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684242240.386726,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZGN-PwAAAGBInQNn&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 8284
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGN-PwAAAGBInQNn
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGN-PwAAAGBInQNn&C=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGN-PwAAAGBInQNn&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2023 13:04:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 16 May 2023 13:04:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=88&external_user_id=ZGN-PwAAAGBInQNn&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
setuid
ib.adnxs.com/ Frame 8284
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=ZGN-PwAAAGBInQNn
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=158&code=ZGN-PwAAAGBInQNn
Protocol
HTTP/1.1
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2023 13:04:00 GMT
AN-X-Request-Uuid
08dab213-a882-4419-b5a8-327cc3c4cb86
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230124-FRA
pragma
no-cache
date
Tue, 16 May 2023 13:04:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684242241.589621,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=ZGN-PwAAAGBInQNn
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 8284
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZGN-PwAAAGBInQNn
43 B
273 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZGN-PwAAAGBInQNn
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:04:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230124-FRA
pragma
no-cache
date
Tue, 16 May 2023 13:04:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684242241.690024,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZGN-PwAAAGBInQNn
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 8284
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZGN-PwAAAGBInQNn
1 B
453 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZGN-PwAAAGBInQNn
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 16 May 2023 13:04:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-fra-eddf8230124-FRA
pragma
no-cache
date
Tue, 16 May 2023 13:04:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684242241.974765,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZGN-PwAAAGBInQNn
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xdi.js
cdn.transcend.io/cm/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame F5D4
25 KB
12 KB
Script
General
Full URL
https://cdn.transcend.io/cm/d1a4d701-2ca2-487c-9b90-59558395eb44/xdi.js
Requested by
Host: sync.transcend.io
URL: https://sync.transcend.io/consent-manager/d1a4d701-2ca2-487c-9b90-59558395eb44
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
992cba1ad4a5172f3505cd3d985819fa53afe4fcd300cce89ee9aa26e086d771
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.transcend.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
8GOrT5FSLccZFxW0t9WyMBQCfb55V8Kl
content-encoding
gzip
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
date
Tue, 16 May 2023 01:57:55 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P2
age
43158
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
inline
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 12 May 2023 20:38:26 GMT
server
AmazonS3
etag
W/"5bc3f12697a1fe08c1e5644be96e4cc0-1"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=60,s-maxage=86400
x-amz-cf-id
-NBsbxhJzVVPuFvluVtGfyTgC6sSVTc1x9VLi6gfIHl9ADT7Nva2Vg==
ca.html
20841493p.rfihub.com/ Frame 9125
3 KB
4 KB
Document
General
Full URL
https://20841493p.rfihub.com/ca.html?ver=9&rb=46794&ca=20841493&_o=46794&_t=20841493&userid=77a592ec-a4d2-4aa1-8cf7-9259be821687%3A1684242239.5619214&pe=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23%21%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&pf=&ra=5559935633920579
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
681fc70dd7794e58bb9914ad02d6c02ee4e420d1f055d717db8fff2a2d47f0f3

Request headers

Referer
https://give.virginiasalvationarmy.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
2870
Content-Type
text/html;charset=utf-8
Date
Tue, 16 May 2023 13:04:01 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
resolve
people.api.boomtrain.com/identify/
148 B
463 B
XHR
General
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiNzdhNTkyZWMtYTRkMi00YWExLThjZjctOTI1OWJlODIxNjg3OjE2ODQyNDIyMzkuNTYxOTIxNCJ9fQ%3D%3D&site_id=salvation-army
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.103.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-103-167.compute-1.amazonaws.com
Software
nginx /
Resource Hash
550b579618a12c960b7fa1dee3b2b424982ea18e90663ac6920c69a8c0d2d0f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 13:04:01 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
148
pay
pay.google.com/gp/p/ui/ Frame 21FD
1 MB
390 KB
XHR
General
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a8c1bf3a8563abbcb895aa6b2fd0be7df538fbbd067b2a1377db84cc93ceac86
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-t_g0TwKx-z6_yJaOA-6rgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-t_g0TwKx-z6_yJaOA-6rgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 16 May 2023 13:04:01 GMT
pay
pay.google.com/gp/p/ui/ Frame 6A60
1 MB
390 KB
XHR
General
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
70cb09b0124feca9ed56278fae1c53628fca241c2068315683eada6fd1fe11b4
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-e850-ARJ__2PKp6mnXLAFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-e850-ARJ__2PKp6mnXLAFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 16 May 2023 13:04:01 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TTx... Frame 21FD
23 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TTxVX7ZgvVk.L.B1.O/am=wLEBQA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh6l4JWABaJ1EK8i2poYOLOybUzBA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fca065539b2528308771d1cf7df1d9dd782c38ef782ab5d13b3cc76ad9c0140b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 16:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74823
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9392
x-xss-protection
0
last-modified
Fri, 12 May 2023 18:27:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 May 2024 16:16:58 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TTx... Frame 21FD
35 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TTxVX7ZgvVk.L.B1.O/am=wLEBQA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh6l4JWABaJ1EK8i2poYOLOybUzBA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65882b1837187198a336e7789df7d93e6cf354fc992113c1187931dda0b281bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 16:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74823
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13544
x-xss-protection
0
last-modified
Fri, 12 May 2023 18:27:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 May 2024 16:16:58 GMT
log
play.google.com/ Frame 21FD
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 May 2023 13:04:01 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 16 May 2023 13:04:01 GMT
expires
Tue, 16 May 2023 13:04:01 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 16 May 2023 13:04:01 GMT
expires
Tue, 16 May 2023 13:04:01 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 21FD
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 May 2023 13:04:01 GMT
log
play.google.com/ Frame 21FD
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 May 2023 13:04:01 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 16 May 2023 13:04:01 GMT
expires
Tue, 16 May 2023 13:04:01 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 21FD
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 May 2023 13:04:01 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 16 May 2023 13:04:01 GMT
expires
Tue, 16 May 2023 13:04:01 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 21FD
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 May 2023 13:04:01 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 16 May 2023 13:04:01 GMT
expires
Tue, 16 May 2023 13:04:01 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TTx... Frame 6A60
23 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TTxVX7ZgvVk.L.B1.O/am=wLEBQA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh6l4JWABaJ1EK8i2poYOLOybUzBA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fca065539b2528308771d1cf7df1d9dd782c38ef782ab5d13b3cc76ad9c0140b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 16:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74823
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9392
x-xss-protection
0
last-modified
Fri, 12 May 2023 18:27:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 May 2024 16:16:58 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TTx... Frame 6A60
35 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TTxVX7ZgvVk.L.B1.O/am=wLEBQA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh6l4JWABaJ1EK8i2poYOLOybUzBA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65882b1837187198a336e7789df7d93e6cf354fc992113c1187931dda0b281bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 16:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74823
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13544
x-xss-protection
0
last-modified
Fri, 12 May 2023 18:27:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 May 2024 16:16:58 GMT
log
play.google.com/ Frame 6A60
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 May 2023 13:04:01 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 16 May 2023 13:04:01 GMT
expires
Tue, 16 May 2023 13:04:01 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 6A60
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 May 2023 13:04:01 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 16 May 2023 13:04:01 GMT
expires
Tue, 16 May 2023 13:04:01 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 6A60
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 May 2023 13:04:01 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 16 May 2023 13:04:01 GMT
expires
Tue, 16 May 2023 13:04:01 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 6A60
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 May 2023 13:04:01 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 16 May 2023 13:04:01 GMT
expires
Tue, 16 May 2023 13:04:01 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 6A60
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 May 2023 13:04:01 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 16 May 2023 13:04:01 GMT
expires
Tue, 16 May 2023 13:04:01 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
partner
sync.search.spotxchange.com/ Frame 8284
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZGN-PwAAAGBInQNn&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZGN-PwAAAGBInQNn&img=1&__user_check__=1&sync_id=2097c0bd-f3ea-11ed-91f8-1a27ea400306
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZGN-PwAAAGBInQNn&img=1&__user_check__=1&sync_id=2097c0bd-f3ea-11ed-91f8-1a27ea400306
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 13:04:01 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
96
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 16 May 2023 13:04:01 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=6409&uid=ZGN-PwAAAGBInQNn&img=1&__user_check__=1&sync_id=2097c0bd-f3ea-11ed-91f8-1a27ea400306
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
26
Connection
keep-alive
Content-Length
0
log
play.google.com/ Frame 21FD
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 May 2023 13:04:01 GMT
0
r.stripe.com/ Frame 37F9
0
272 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:04:01 GMT
x-stripe-server-envoy-start-time-us
1684242241223971
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242241223702
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:04:01 GMT
x-stripe-server-envoy-start-time-us
1684242241224435
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1684242241223775
access-control-allow-credentials
true
content-length
0
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 16 May 2023 13:04:01 GMT
expires
Tue, 16 May 2023 13:04:01 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 6A60
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mraNq7RfeRo.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjLVSorszzvDygnxsqHAYj7sJfB5g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 May 2023 13:04:01 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 16 May 2023 13:04:01 GMT
expires
Tue, 16 May 2023 13:04:01 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
0
r.stripe.com/ Frame BA52
0
273 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:04:01 GMT
x-stripe-server-envoy-start-time-us
1684242241229837
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242241229018
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:04:01 GMT
x-stripe-server-envoy-start-time-us
1684242241233924
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242241233633
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
273 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:04:01 GMT
x-stripe-server-envoy-start-time-us
1684242241270627
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1684242241269974
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
272 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:04:01 GMT
x-stripe-server-envoy-start-time-us
1684242241270751
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242241270033
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
274 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:04:01 GMT
x-stripe-server-envoy-start-time-us
1684242241275306
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1684242241274777
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame BA52
0
273 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:04:01 GMT
x-stripe-server-envoy-start-time-us
1684242241421127
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242241420569
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 37F9
0
273 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:04:01 GMT
x-stripe-server-envoy-start-time-us
1684242241421158
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1684242241420637
access-control-allow-credentials
true
content-length
0
h
heapanalytics.com/
37 B
260 B
Image
General
Full URL
https://heapanalytics.com/h?a=1566116007&u=2272628687846614&v=8444489051556431&s=5855787722955954&b=web&tv=4.0&sp=ts&sp=1684242238708&sp=d&sp=give.virginiasalvationarmy.org&sp=h&sp=%2Fgive%2F485836%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&pp=d&pp=give.virginiasalvationarmy.org&pp=h&pp=%2Fgive%2F485836%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&pp=t&pp=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&pp=ts&pp=1684242238708&id0=8349683453155748&k0=digitalWalletsLoaded&k0=true&k0=event_id&k0=1684242241.660001299008&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1684242241174&st=1684242241181
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.234.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-234-9.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:04:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
h
heapanalytics.com/
37 B
260 B
Image
General
Full URL
https://heapanalytics.com/h?a=1566116007&u=2272628687846614&v=8444489051556431&s=5855787722955954&b=web&tv=4.0&sp=ts&sp=1684242238708&sp=d&sp=give.virginiasalvationarmy.org&sp=h&sp=%2Fgive%2F485836%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&pp=d&pp=give.virginiasalvationarmy.org&pp=h&pp=%2Fgive%2F485836%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&pp=t&pp=Donate%20to%20Doing%20the%20Most%20Good%2023%20National%20Capital%20AC&pp=ts&pp=1684242238708&id0=6235177073075712&k0=digitalWalletsLoaded&k0=true&k0=event_id&k0=1684242241.556106806963&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1684242241181&st=1684242241182
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.234.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-234-9.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:04:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
GooglePay-logo.svg
give.virginiasalvationarmy.org/static/global/images/digitalWallets/
3 KB
1 KB
Image
General
Full URL
https://give.virginiasalvationarmy.org/static/global/images/digitalWallets/GooglePay-logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/give/485836/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 11 May 2023 18:42:08 GMT
server
cloudflare
etag
W/"645d3700-b41"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7c83d2f78e825c6e-FRA
expires
Wed, 15 May 2024 13:04:01 GMT
0
r.stripe.com/ Frame BA52
0
273 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80532706d286499f140f6cb94524d879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:04:01 GMT
x-stripe-server-envoy-start-time-us
1684242241421158
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684242241420689
access-control-allow-credentials
true
content-length
0
b.php
www.facebook.com/fr/ Frame 8284
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZGN-PwAAAGBInQNn&t=2592000&o=0
43 B
72 B
Image
General
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZGN-PwAAAGBInQNn&t=2592000&o=0
Protocol
H3
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 06:04:01 PDT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
+efDoo7lvzF2cW1BfHPlXWtMWE46Gp6idx1zTzsR8UwhuC77mK6eu/bTNqrMII9eip1/Q2dlFIKO/Bl4XsVo5Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
content-type
image/gif
origin-agent-cluster
?0
cache-control
public, max-age=0
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), screen-wake-lock=()
priority
u=3,i
expires
Tue, 16 May 2023 06:04:01 PDT

Redirect headers

x-served-by
cache-fra-eddf8230124-FRA
pragma
no-cache
date
Tue, 16 May 2023 13:04:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684242241.245195,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZGN-PwAAAGBInQNn&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
501709.gif
idsync.rlcdn.com/ Frame 9125
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084925203682068&referrer=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23%21%2Fdonation%2Fcheckout%3Futm_s...
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=77a592ec-a4d2-4aa1-8cf7-9259be821687%3A1684242239.5619214&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D77a592ec-a4d2-4aa1-8cf7-9259be8...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084925203682068&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D77a592ec-a4d2-4aa1-8c...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=77a592ec-a4d2-4aa1-8cf7-9259be821687%3A1684242239.5619214&_=1684242241.4487467
0
42 B
Image
General
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=77a592ec-a4d2-4aa1-8cf7-9259be821687%3A1684242239.5619214&_=1684242241.4487467
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Tue, 16 May 2023 13:04:01 GMT
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
server
lighttpd/1.4.59
x-amz-cf-pop
FRA56-C1
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=77a592ec-a4d2-4aa1-8cf7-9259be821687%3A1684242239.5619214&_=1684242241.4487467
content-length
447
x-amz-cf-id
q6DpblnbO8q12XYu1eKlqIJZlDcp9kwH6ZVbxXWn1UaCx86L7eFg1g==
501709.gif
idsync.rlcdn.com/ Frame 9125
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyNTIwMzY4MjA2OA==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEG6lLY331ajfMw6wunrocck&google_cver=1
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084925203682068&referrer={encSite}&forward=
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=77a592ec-a4d2-4aa1-8cf7-9259be821687%3A1684242239.5619214&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D77a592ec-a4d2-4aa1-8cf7-9259be8...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084925203682068&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D77a592ec-a4d2-4aa1-8c...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=77a592ec-a4d2-4aa1-8cf7-9259be821687%3A1684242239.5619214&_=1684242241.6118073
0
9 B
Image
General
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=77a592ec-a4d2-4aa1-8cf7-9259be821687%3A1684242239.5619214&_=1684242241.6118073
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Tue, 16 May 2023 13:04:01 GMT
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
server
lighttpd/1.4.59
x-amz-cf-pop
FRA56-C1
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=77a592ec-a4d2-4aa1-8cf7-9259be821687%3A1684242239.5619214&_=1684242241.6118073
content-length
447
x-amz-cf-id
6tyUPIFTnSByNM2ocB2vvtM-YlYDOAE1eUMWTMH7b188kBrBRW9Cwg==
setuid
ib.adnxs.com/ Frame 9125
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=18&code=5140084925203682068
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2023 13:04:01 GMT
AN-X-Request-Uuid
e6874021-48fd-4832-bc9e-75d8b0f2a2f6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=1121&dpuuid=5140084925203682068&redir=
dpm.demdex.net/ Frame 9125
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084925203682068&redir=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-0d3695a9b.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
fT0XRQFASEM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Pug
image2.pubmatic.com/AdServer/ Frame 9125
42 B
212 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5140084925203682068&r=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 16 May 2023 13:04:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sd
us-u.openx.net/w/1.0/ Frame 9125
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5140084925203682068&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:04:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
match
ps.eyeota.net/ Frame 9125
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=5140084925203682068&bid=omt9pi0
0
344 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=5140084925203682068&bid=omt9pi0
Protocol
HTTP/1.1
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 13:04:01 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=5140084925203682068&bid=omt9pi0
Date
Tue, 16 May 2023 13:04:01 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cksync.php
contextual.media.net/ Frame 9125
61 B
632 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5140084925203682068
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 16 May 2023 13:04:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Tue, 16 May 2023 13:04:01 GMT
/
bpi.rtactivate.com/tag/ Frame 9125
43 B
109 B
Image
General
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=5140084925203682068
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.10.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-10-159.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 9125
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084925203682068&forward=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2023 13:04:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0
360947.gif
idsync.rlcdn.com/ Frame 9125
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=5140084925203682068
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rocketfuel_sync
x.dlx.addthis.com/e/ Frame 9125
43 B
191 B
Image
General
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5140084925203682068
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires
Tue, 16 May 2023 13:04:01 GMT
pragma
no-cache
date
Tue, 16 May 2023 13:04:01 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 9125
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084925203682068&img=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 13:04:01 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
94
Connection
keep-alive
Content-Length
43
sync
partners.tremorhub.com/ Frame 9125
43 B
175 B
Image
General
Full URL
https://partners.tremorhub.com/sync?UIRF=5140084925203682068&r=ZKxqQXIBXdBs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:5942:7dcf:cd8:a269 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 16 May 2023 13:04:01 GMT
server
nginx
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame 9125
43 B
377 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5140084925203682068
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.135.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-135-117.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:04:01 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame 9125
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5140084925203682068
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.11.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-11-190.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by
beacon-n018-dub-prod.krxd.net
date
Tue, 16 May 2023 13:04:01 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1684242241
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ Frame 9125
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084925203682068&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.143.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-143-247.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:04:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cm
p.rfihub.com/ Frame 9125
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=ZGN-PwAAAGBInQNn
42 B
974 B
Image
General
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZGN-PwAAAGBInQNn
Protocol
HTTP/1.1
Server
193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841493p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 16 May 2023 13:04:01 GMT
Cache-Control
no-cache
Server
Jetty(9.4.51.v20230217)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-fra-eddf8230124-FRA
pragma
no-cache
date
Tue, 16 May 2023 13:04:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684242241.468553,VS0,VE0
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZGN-PwAAAGBInQNn
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
6
m.stripe.com/ Frame 1922
156 B
669 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.89.68.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-68-105.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9168c769182b5cf1546793724579fa27cdc37663f5e91abcc24a7877230eedbf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 16 May 2023 13:04:01 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684242241964798
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
7
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1684242241964449
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
post-log
tags.wdsvc.net/
0
449 B
XHR
General
Full URL
https://tags.wdsvc.net/post-log?v=4.10&amp;t=1684242239826
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.237.159.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-159-253.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://give.virginiasalvationarmy.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://give.virginiasalvationarmy.org
Date
Tue, 16 May 2023 13:04:02 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
0
Content-Type
text/html
/
insight.adsrvr.org/track/evnt/
70 B
260 B
Image
General
Full URL
https://insight.adsrvr.org/track/evnt/?adv=xuf5w5o&ct=0:rfvwn43&fmt=3&td1=18824a91152-tags7-40e7d88952df4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 16 May 2023 13:04:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
insight.adsrvr.org/track/conv/
70 B
260 B
Image
General
Full URL
https://insight.adsrvr.org/track/conv/?adv=xuf5w5o&ct=0:v2n629k&fmt=3&orderid=&vf=&v=&td1=18824a91152-tags7-40e7d88952df4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 16 May 2023 13:04:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
insight.adsrvr.org/track/conv/
70 B
260 B
Image
General
Full URL
https://insight.adsrvr.org/track/conv/?adv=xuf5w5o&ct=0:7dypodn&fmt=3&orderid=&vf=&v=&td1=18824a91152-tags7-40e7d88952df4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 16 May 2023 13:04:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js
js.stripe.com/v3/fingerprinted/js/
295 B
794 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js
Requested by
Host: give.virginiasalvationarmy.org
URL: https://give.virginiasalvationarmy.org/give/485836/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.virginiasalvationarmy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Tue, 16 May 2023 12:55:53 GMT
x-content-type-options
nosniff
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
496
x-cache
Hit from cloudfront
content-length
295
last-modified
Wed, 10 May 2023 20:03:05 GMT
server
Cloudfront
etag
"477956b204dfd45e10334fc060914d4b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
yE4jn5EJnpbr20jVQJIwplwq6pEV86iZWf66yfDlovpOJ0Loyi7jzQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
q.stripe.com
URL
https://q.stripe.com/csp-report
Domain
q.stripe.com
URL
https://q.stripe.com/csp-report
Domain
q.stripe.com
URL
https://q.stripe.com/csp-report
Domain
q.stripe.com
URL
https://q.stripe.com/csp-report

Verdicts & Comments Add Verdict or Comment

290 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 boolean| credentialless object| transcend object| __cfQR object| __cfBeacon object| NREUM object| webpackChunkNRBA object| newrelic object| NRBA boolean| ucl object| SC object| analyticsCallbacks function| triggerGaCallbacks boolean| gaDebug function| loadGA function| initializeGA string| GoogleAnalyticsObject function| ga object| ga4Callbacks function| triggerGA4Callbacks function| initializeGA4 boolean| ga4Debug object| webpackChunkStripeJSouter function| noop function| Stripe object| uiroutermetatags object| ngFileUpload function| factory object| _gsScope object| Modernizr object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery function| _ object| angular object| WebFont function| FastClick function| EvEmitter function| imagesLoaded string| output function| TimeSpan function| TimePeriod function| DeepDiff function| moment function| Spinner function| Picker object| ProgressBar function| getSlug function| createSlug object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| ExpoScaleEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| UAParser function| aesConvert function| bugsnag string| bugsnagTokenClient object| bugsnagClient function| OptanonWrapper boolean| __cfRLUnblockHandlers object| dataLayer object| params string| ClassyObjectName object| Classy object| Plaid object| webpackJsonpPlaid object| Braintree object| braintree function| paypalLoadScript function| paypalLoadCustomScript object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| TokenEx string| scriptPath undefined| scripts undefined| a undefined| c object| OneTrust object| Optanon string| OnetrustActiveGroups string| OptanonActiveGroups function| jsonFeed object| cartActions boolean| DEBUG_SYNC object| twttr function| onYouTubeIframeAPIReady boolean| prerenderReady object| heap function| fbq function| _fbq object| google_tag_manager function| postscribe object| google_tag_manager_external string| e object| visitor object| adobe function| Visitor object| s_c_il number| s_c_in string| s_account object| s function| s_doPlugins function| s_getLoadTime function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq number| s_loadT function| DIL number| s_objectID number| s_giq undefined| ebUniqueDonorID undefined| ebZipCode string| ebNewDonor undefined| ebRevenue string| ebTerritory number| ebRand function| twq object| myTracker object| uetq function| getParam function| getExpiryRecord function| addGclid function| snaptr number| r function| iFrameResize object| scriptUrl object| ttPolicy object| YT object| YTConfig boolean| yt_embedsEnableHouseBrandAndYtCoexistence function| onYTReady object| __twttrll object| __twttr object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ string| ebPtcl function| ebDecode object| bsResponseObj string| ebAttId object| ebAttrConf function| UET function| UET_init function| UET_push object| ueto_3f8409836d object| ueto_1605c33da7 function| AdCloudEvent string| imsOrgId string| rsid object| adCloudCookieData object| cookieInstance object| ebAttribution object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| providersData object| GooglebQhCsO object| tealium undefined| ExpInfo undefined| s_code object| _qevents number| t string| TiktokAnalyticsObject object| ttq function| zync_call string| url object| img object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt object| s_i_tsa.global object| callback_json6257e0da224e4035b38b1dd22a77343d function| Tealium object| TEAL function| quantserve function| __qc object| ezt object| _qoptions string| ebUserIdGuid function| _rfi function| bt object| _bt object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| WDSMemberConfig object| WDSConfig number| timeout object| callback_jsond1831903c38349c081d0b8ff552ff5be function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP boolean| tpc_present

89 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
give.virginiasalvationarmy.org/ Name: connect.sid
Value: s%3AAhBWoLLKNUY5rzmu1xF7W96p8dOHz-NX.k%2By%2Bn6NofO5zV%2BeiE8qaOrcAW0zfDLvv6%2F1Q%2F4x54b0
.give.virginiasalvationarmy.org/ Name: __cf_bm
Value: fhThf5tZse6LOs5rUTK8fgqKzsOZeVkR9pJriiZuJUc-1684242236-0-Ad9CFgsETSzPT6RYVOB/faFfLJUtMbcPiqGbeC+ahCHvWyWpcb6jcPUrYkJODwNKI06zVzjyOJqHJ+6F06gdDPw=
.give.virginiasalvationarmy.org/ Name: __cfruid
Value: cc4346b8e7693b02aab1fb8c2de1e1b3e452873e-1684242236
.classy.org/ Name: __cf_bm
Value: Syx2rAW2vVPSwxMLaKu5MSbnwZW4_XaRGYL3Zi7B.k0-1684242236-0-AajUk5JXKHggKbDktZocF12pZBHJyet4C97yz4hRgYYT0Qxdldf7Df2uen4xfG36pxU8oFpeeZ7AkT/iWTNbDqI=
.virginiasalvationarmy.org/ Name: _gid
Value: GA1.2.1183226392.1684242237
give.virginiasalvationarmy.org/ Name: c_src
Value: {"485836":[{"c_src":"23DMEEMORGCSD23NCA","c_src2":"email","referrer":"","timestamp":1684242237225}]}
.youtube.com/ Name: YSC
Value: i-xbO__zTPA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: ZZn6-9Pg8lE
.virginiasalvationarmy.org/ Name: _gat_classyTrack
Value: 1
.virginiasalvationarmy.org/ Name: _gat_clientTrack
Value: 1
give.virginiasalvationarmy.org/ Name: CSRF-TOKEN
Value: 8ILnvsDs-rujQf6GVTRgbgbankEt30TNYbxE
.virginiasalvationarmy.org/ Name: _gcl_au
Value: 1.1.1357866923.1684242238
.virginiasalvationarmy.org/ Name: _gat_UA-51388709-1
Value: 1
.give.virginiasalvationarmy.org/ Name: OptanonConsent
Value: landingPath=https%3A%2F%2Fgive.virginiasalvationarmy.org%2Fgive%2F485836%2F%23!%2Fdonation%2Fcheckout%3Futm_campaign%3Dsmg_monthly%26utm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail&datestamp=Tue+May+16+2023+13%3A03%3A58+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=true
.virginiasalvationarmy.org/ Name: _hp2_id.1566116007
Value: %7B%22userId%22%3A%222272628687846614%22%2C%22pageviewId%22%3A%228444489051556431%22%2C%22sessionId%22%3A%225855787722955954%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.demdex.net/ Name: demdex
Value: 67672215586099229203786893713116184217
.virginiasalvationarmy.org/ Name: _scid
Value: 97f7855f-54a1-40a5-a5d1-698e3f73100e
.virginiasalvationarmy.org/ Name: _scid_r
Value: 97f7855f-54a1-40a5-a5d1-698e3f73100e
.virginiasalvationarmy.org/ Name: _uetsid
Value: 1f2a6140f3ea11edb2574b031c7aca92
.virginiasalvationarmy.org/ Name: _uetvid
Value: 1f2ab700f3ea11ed90738f87a0deb3c9
.virginiasalvationarmy.org/ Name: AMCVS_20A0289659302A7E0A495D28%40AdobeOrg
Value: 1
.virginiasalvationarmy.org/ Name: _fbp
Value: fb.1.1684242238969.1723207775
.bing.com/ Name: MUID
Value: 2F9A00A7840B6BC132C113B485606AF7
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ0AIQgDwIlIpEXejoOJTMHwf7cyo/Fk9dEtQNo9LBO99VobpRnPEwiAmvUDh5qg1zIAAAA=
give.virginiasalvationarmy.org/ Name: XSRF-TOKEN
Value: eyJpdiI6IndQb2hqRmhwNWJKZ3MrRFh3eUJTNnc9PSIsInZhbHVlIjoiSVdQWXIwTnRTbFdQOEdqWXdwOW5ZdlIrMTZ6RzZmVGtDREpWSFwvTWpRMFFDV3IwNVc5cGk0VE9GTGJlVHFCT0E1ODluM1A1U2QzXC9JY1JERVZpT1wvMGwyWGhGeEFmcEkrVDF4cDZQdWNzVnM2OXFIOFEzQitJVGlnYjl2eWFXdjgiLCJtYWMiOiJmNmMyOGNkZDUyOWEzZDIxMmE5N2E4ZDE5OGUyNGVjMDVjYjZhMTk1MGU4NjViYTgzN2U3ODhmZDRiZDY1NDY0In0%3D
give.virginiasalvationarmy.org/ Name: sid
Value: eyJpdiI6IlRSMlNMZW9uWVwvM3RxWWxMQW1hWUJRPT0iLCJ2YWx1ZSI6IkdLbzNDb05EVVRmTzFQaGNHSnVSXC9mZDdIdFRLcWh6aHdYWmVHTTdDbnZBRENiZzBjRWE0aHphZ1VpUzQ1cmNzZmVjUG9NVTQraFdKZHp6K2NJeVVRU09Wdms1cm5ncm5UaDg0OFJGTTFGbldtWVpNb2VCSHVHUVFTY3dtaHJxSSIsIm1hYyI6ImQ4MzY0ZGZjMTY4Y2IzMzQ3ZjVjYzI5YTY5NjcwMGUwYzQ0NDIxMWNmNzAxYWZiYjg2YzM0OTQwMTRhYmU3NTcifQ%3D%3D
.twitter.com/ Name: personalization_id
Value: "v1_hffx7k7OkiX0dbYhU1C82A=="
.t.co/ Name: muc_ads
Value: a3393a6d-5f64-4c16-bda5-3a77677f6a68
.google.com/ Name: NID
Value: 511=SA0gHQsTpQJcmJcgU_3j4hcryH0JrupAADPKoi56EGpfmpnJV0wx-WUw5tTWw5LR9rNM1y_2-wwaU5rcyFkM7BFXuKk0cuU96t0k_z83l39WzHdC8QCXgs5SmEZaAspvUHNbXcH7132jMcSuD8mScxsQ8F4F-KV1QpHP70N_QTs
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZGN-PwAAAGBInQNn
.virginiasalvationarmy.org/ Name: adcloud
Value: {%22_les_v%22:%22y%2Cvirginiasalvationarmy.org%2C1684244039%22}
.serving-sys.com/ Name: u2
Value: 8a81c924-42e5-463e-987a-f23ee644a4284MB06g
.virginiasalvationarmy.org/ Name: _hp2_ses_props.1566116007
Value: %7B%22ts%22%3A1684242238708%2C%22d%22%3A%22give.virginiasalvationarmy.org%22%2C%22h%22%3A%22%2Fgive%2F485836%2F%22%2C%22g%22%3A%22%23!%2Fdonation%2Fcheckout%3Futm_source%3Demail%26utm_medium%3Dcc%26utm_content%3Dmay_mostgood%26utm_campaign%3Dsmg_monthly%26c_src%3D23DMEEMORGCSD23NCA%26c_src2%3Demail%22%7D
.dpm.demdex.net/ Name: dpm
Value: 67672215586099229203786893713116184217
.virginiasalvationarmy.org/ Name: AMCV_20A0289659302A7E0A495D28%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C19494%7CMCMID%7C67111628085554199973766532008755219628%7CMCAAMLH-1684847038%7C6%7CMCAAMB-1684847038%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1684249439s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19501%7CvVersion%7C4.4.0
.ispot.tv/ Name: pt
Value: v2:386979d9862b06c77ad5d133caba0f19ed53bb446c1020e09a4b46140ed2ad73|30577a4dfce2521a139e94bf408add5432c5acd210bc15c9b5df745ca2243a73
.quantserve.com/ Name: mc
Value: 64637f3f-7f291-86be6-ab175
.virginiasalvationarmy.org/ Name: s_ppvl
Value: %5B%5BB%5D%5D
.virginiasalvationarmy.org/ Name: s_ppv
Value: DONATE%253AUSS%257C485836%257CCampaign%2520Donate%2C63%2C63%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.virginiasalvationarmy.org/ Name: s_ppn
Value: DONATE%3AUSS%7C485836%7CCampaign%20Donate
.virginiasalvationarmy.org/ Name: gpv_v9
Value: DONATE%3AUSS%7C485836%7CCampaign%20Donate
.virginiasalvationarmy.org/ Name: s_ptc
Value: %5B%5BB%5D%5D
.virginiasalvationarmy.org/ Name: s_cc
Value: true
.tiktok.com/ Name: _ttp
Value: 2PsOI5qmylsCdOdEPqUYMLVerQF
.virginiasalvationarmy.org/ Name: TEAL
Value: v:418824a9109686104476281343412317396be6b5af0$t:1684244039645$s:1684242239642%3Bexp-sess$sn:1$en:1
.rezync.com/ Name: zync-uuid
Value: 77a592ec-a4d2-4aa1-8cf7-9259be821687:1684242239.5619214
.virginiasalvationarmy.org/ Name: _ga_MQT5L6XZLK
Value: GS1.1.1684242239.1.0.1684242239.0.0.0
.virginiasalvationarmy.org/ Name: _ga
Value: GA1.1.2042295547.1684242237
.serving-sys.com/ Name: ActivityInfo2
Value: 0022ndDBX0_002jaXDBX0_
.doubleclick.net/ Name: IDE
Value: AHWqTUlPe-q4pQnU8AjeeZ-If9Txonyy1Hb0mxzX8KoheoXs6-PpXHDQGCHsXgBC
.virginiasalvationarmy.org/ Name: AAMC_thesalvationarmy_0
Value: REGION%7C6
.give.virginiasalvationarmy.org/ Name: aam_uuid
Value: 67672215586099229203786893713116184217
.wdsvc.net/ Name: _wdTest
Value: accept
.wdsvc.net/ Name: wds_random
Value: 2023-05-16T13:03:59.707Z~2023-05-16T13:03:59.707Z|1141832232021492|37|
.quantserve.com/ Name: d
Value: EMMBDAGAKbmvYA
.turn.com/ Name: uid
Value: 8332250742818868887
.adnxs.com/ Name: uuid2
Value: 392544230313843011
m.stripe.com/ Name: m
Value: bff084c0-d676-4e7c-bb77-059f12d9c60c29b626
.virginiasalvationarmy.org/ Name: _tt_enable_cookie
Value: 1
.virginiasalvationarmy.org/ Name: _ttp
Value: lm3FeqCjHbLh2fkO4uxytspegnQ
.give.virginiasalvationarmy.org/ Name: __stripe_mid
Value: cee2edcc-f68e-4eb0-a8ac-9c2297e3e5044efd44
.give.virginiasalvationarmy.org/ Name: __stripe_sid
Value: 7468a17e-0d4d-40df-89f0-0622db64c70e595191
.virginiasalvationarmy.org/ Name: __qca
Value: P0-404700755-1684242239705
.casalemedia.com/ Name: CMID
Value: ZGN-QJEslNaZkkenMQjmmgAA
.casalemedia.com/ Name: CMPS
Value: 1196
.casalemedia.com/ Name: CMPRO
Value: 1196
.tealiumiq.com/ Name: TAPID
Value: salvationarmy/sal-donate>418824a9109686104476281343412317396be6b5af0|
.yahoo.com/ Name: A3
Value: d=AQABBEB_Y2QCED2JofuwgrKlsc6MFx44sNwFEv__AP8AAAAAAOAXyiMAAAAAgA&S=AQAAAgksA_6muWguN4bOlqC60zM
.virginiasalvationarmy.org/ Name: btIdentify
Value: 16cc4745-4f4b-45be-bfa8-8c6baa847db5
.virginiasalvationarmy.org/ Name: _bts
Value: 1bc71c38-fb15-47b4-fc1f-20962f971ca2
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-ZGN-PwAAAGBInQNn&KRTB&22978-ZGN-PwAAAGBInQNn&KRTB&23194-ZGN-PwAAAGBInQNn&KRTB&23209-ZGN-PwAAAGBInQNn
.pubmatic.com/ Name: PugT
Value: 1684242241
.demdex.net/ Name: dextp
Value: 470-1-1684242239610|1175-1-1684242239737|3462-1-1684242239937|30646-1-1684242240057|49276-1-1684242240160|144230-1-1684242240272|144231-1-1684242240373|144232-1-1684242240474|144233-1-1684242240576|144234-1-1684242240677|144235-1-1684242240961|144236-1-1684242241099|144237-1-1684242241223
.spotxchange.com/ Name: audience
Value: 2097c078-f3ea-11ed-91f8-1a27ea400306
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjUyMDazMDIwsxDiM9QNyEurynE3MzAMdXYEAL77VkMlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjUyMDazMDIwsxDiM9QNyEurynE3MzAMdXYEAL77VkMlAAAA
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5140084925203682068
.adnxs.com/ Name: anj
Value: dTM7k!M4/0D>6NRF']wIg2InAhl81*!]tb=MyAyq7REOn17Lr$1!Mt6N=#1Q:xCC/bOo7tNLTuz*YL`jAAN=m<FKq^Vn:d7*l-20+SZOb*s7^J+77T7-2$cLD$25ADb6_:!0#2DTU4`e
.media.net/ Name: visitor-id
Value: 3272438418214735000V10
.media.net/ Name: data-rk
Value: 5140084925203682068~~3
.virginiasalvationarmy.org/ Name: _bti
Value: %7B%22app_id%22%3A%22salvation-army%22%2C%22bsin%22%3A%224r8dwh75RvWfa4aydtWifIvJ6LMlqWDAd1WAS%2B%2FcX00XtfIrRTflQrNPMjGB04Kwx98gykJr7SBEcOd6TTn6Dw%3D%3D%22%2C%22is_identified%22%3Afalse%7D
live.rezync.com/ Name: sd-session-id
Value: .eJwNi0EKwyAQAP-y51h0s-qunwnWbEHa2BLTS0P-Xi8DAzMnLB_dt9y0HZCO_asTlFcd1iGd0Otv0yck8I6sZRL0aOfAaAPDNUHX3uu7LXUdTYzZC2oxmVY0lLMzXB7RjEnuyugCxzRASIiz3Hxwgo7g-gOvJSVy.ZGN_QQ.vXCnYfJU5-PS8a9VbBCRDbZRs08
.krxd.net/ Name: _kuid_
Value: PjtBkyLE
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA12dTfL8Yk0NjZMzErzLTcrL80ryk9Ozm5iMTc3TzS1NEpN1k00STHSNUlMNNS1SE4z17U0MrVMSrUwMjSzMLcCEiZGJkZGxpZ6pmaGlkaGJgAB5b3jWAAAAA
.eyeota.net/ Name: SERVERID
Value: 20510~DM
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA12dTfL8Yk0NjZMzErzLTcrL80ryk9Ozg7iNTSzMDEyMTIyMTQ1sJzFiMQ3NjDdhMbfhcY_hcZ_hcb_hcafxITKn4XGX4TGX4XG34TG34WungWVfwuNv4kVTT83mvuEzc3NE00tjVKTdRNNUox0TRITDXUtktPMdS2NTC2TUi2MgOrNrWCajC31TM0MLY0MTWYJI5lkbmi8CJVv8kgY1SYApnnmTJcBAAA
.virginiasalvationarmy.org/ Name: wds_random
Value: 2023-05-16T13:03:59.707Z~2023-05-16T13:03:59.707Z|1141832232021492|37|
.virginiasalvationarmy.org/ Name: __WDS1
Value: %7B%22da_100423%22%3A%7B%22hu%22%3A%222023-05-16T13%3A04%3A02.074Z%22%7D%7D

17 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://bttrack.com/Pixel/Retarget/1023
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5140084925203682068
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=77a592ec-a4d2-4aa1-8cf7-9259be821687%3A1684242239.5619214&_=1684242241.4487467
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=77a592ec-a4d2-4aa1-8cf7-9259be821687%3A1684242239.5619214&_=1684242241.6118073
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20841493p.rfihub.com
a.rfihub.com
aa.agkn.com
analytics.tiktok.com
analytics.twitter.com
api.braintreegateway.com
assets.classy.org
b.videoamp.com
bam.nr-data.net
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
bttrack.com
c1.rfihub.net
cdn.boomtrain.com
cdn.bttrack.com
cdn.heapanalytics.com
cdn.plaid.com
cdn.transcend.io
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
code.jquery.com
collect.tealiumiq.com
connect.facebook.net
contextual.media.net
d.turn.com
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
give.virginiasalvationarmy.org
googleads.g.doubleclick.net
heapanalytics.com
htp.tokenex.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
insight.adsrvr.org
js-agent.newrelic.com
js.braintreegateway.com
js.stripe.com
lasteventf-tm.everesttech.net
live.rezync.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
notify.bugsnag.com
p.rfihub.com
partners.tremorhub.com
pay.classy.org
pay.google.com
people.api.boomtrain.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
play.google.com
prod-frs.content.classy.org
ps.eyeota.net
pt.ispot.tv
q.stripe.com
r.stripe.com
r20.rs6.net
region1.google-analytics.com
rules.quantcount.com
sc-static.net
secure-ds.serving-sys.com
secure.adnxs.com
secure.quantserve.com
sessions.bugsnag.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
sync.transcend.io
syndication.twitter.com
t.co
tags.tiqcdn.com
tags.wdsvc.net
thesalvationarmy.demdex.net
thesalvationarmy.sc.omtrdc.net
tr.snapchat.com
unpkg.com
us-u.openx.net
www.everestjs.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
x.dlx.addthis.com
q.stripe.com
104.244.42.133
104.244.42.136
104.244.42.67
13.225.78.109
13.32.121.38
13.32.27.86
142.250.185.162
143.204.207.250
146.75.120.157
151.101.130.132
151.101.2.137
151.101.66.49
162.247.241.14
18.66.122.52
184.29.204.223
185.64.191.210
185.80.39.216
185.94.180.125
192.132.33.46
193.0.160.131
193.108.153.28
2.23.209.20
2001:4860:4802:32::36
2001:4de0:ac18::1:a:1a
2001:678:cb4:bbbb::13
208.75.122.11
212.82.100.182
216.58.212.130
2600:1901:0:7a0b::
2600:1901:0:a5e4::
2600:1f18:612b:4216:5942:7dcf:cd8:a269
2600:9000:2057:3e00:19:7d10:bd80:93a1
2600:9000:214f:9c00:1:76cf:fe80:93a1
2600:9000:21f3:6c00:a:de49:b100:93a1
2600:9000:223c:c00:6:44e3:f8c0:93a1
2600:9000:223e:4e00:7:2bfb:7c00:93a1
2600:9000:2250:4400:2:8531:afc0:93a1
2606:4700:4400::ac40:9062
2606:4700::6810:3965
2606:4700::6810:7daf
2606:4700::6812:7115
2606:4700::6812:843c
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:c11::200
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c00::5c
2a00:1450:400c:c00::9b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.123.242.12
3.127.178.105
3.210.10.159
34.205.105.58
34.252.176.107
35.156.98.69
35.190.43.134
35.244.159.8
35.244.174.68
37.252.171.21
37.252.171.22
52.143.247.24
52.16.185.84
52.208.135.117
52.213.11.190
52.215.114.201
52.223.40.198
52.30.58.64
52.58.143.247
52.89.68.105
54.187.119.242
54.225.234.9
54.237.159.253
54.243.103.167
63.140.62.160
65.9.66.64
69.16.175.42
69.173.144.138
69.192.160.219
76.223.13.31
95.101.148.20
99.86.4.76
00dbaf0d53cb5a0b65429b7a4329850d40e15e3af9befb09023460eec5d6db70
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
0307f3b9d8215b1581f25bdf8ba24881d8f7030f53ed17b33e3ca6a5e6c8582f
036c946861b1139188b23701869a760a86f28e57519a5c586274c02ab1549d42
04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643
0607447000f16c51d52b2ffdc6b9ab1ba6227b825d9296170120476d463c6f22
09ca844c4405783d99a57e07afe98a239da517a20945ba9e6fd52e7fd83515f4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d2623ce99291eaf91d54260dbde0f3d5cd635419df45ed8c656e269660e99d9
0e04617d46dd15fec0ae662afdc7d6bd0824eb9313b0c0fbe7552b9a7cd5956d
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
101c28370affa64f4b2c1170e1c88a4e41c85cc46eb3ec94e9460ee3f3ef3f17
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
14f5566d4c764cd781dad9a4f1a9530797597bac11661a2b8def07c4e59f1985
1894eb39d9509920da5e997893fbf884b9e800008b3e0d3962eac0b1cd8eff36
1a5c908ca4e36a81fd5cea9e42686e6b4450b9746411b284824be217bfb60529
1e25832361784f23173bc85ae9abd89d1bb5a899d2d5e45640efdc2a15e51b4a
1eb9c4071afe20a4b212f8eec45749821568a2281b15b04fc518eba6c2ab4d3a
24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2b5e31ffbecf545078763618348e9329d0cfcee6e1cf341ed4e93860639b330e
2f57fab97c15bf3519176fcd494f12d36d24ca3d761a787a1e66a1058bc6b30f
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
34285d15d70adf09cc7213f6d7ad04671655b4a251b806ecec1d810444123286
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
399a9be759ccc540081d3e7ed57c028c7ed63545952b616c25abac351881f7b9
3addcab0381036d045c715d6b2a3de78c6952c2d0f995edd12f5377362854d5e
3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11
3de8cfadcd96ac84bdf4981517cec0a39b7aa793fb5dab6c4b035aa2f867c619
3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4379131f07b780e8db759f35351aec8e79a6fc353bc00b219337d7cd8e41ff6c
4387132b080bafa8682f414e3a6b1acd40b7dc9f1d27b92fcedd916b45329855
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecf8ab7ae16606355626664cfc6ea43abe8cb869bda2cc1accb5b5a530e0dd0
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
53269878d5aafc41b44e729d4c787220da4cf746689526d56605f75ec697b167
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550b579618a12c960b7fa1dee3b2b424982ea18e90663ac6920c69a8c0d2d0f5
55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58657e4989034ddfc151c4ecdfe8743cba8a1fbc5e6853728de7b22982d57567
58f551cc4d9a1487e689bf3150188dd2aa4310435b5fdc30e393244846d07c71
5be969601983b78ca269a211aa027420d2cd2e61830e60d5ed87c62c008c6c70
5f4d7f3eafb4d9820dd9f359b637ee8df4136b8bdba6705b9dd0a15faf2bc025
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
655fc56e3d81e573cdddfd666426b797ac6031526d792ab9f4622894f7fa9031
65882b1837187198a336e7789df7d93e6cf354fc992113c1187931dda0b281bb
662b73b18b811de384591b752e56a6f85f053043a97fe1634d61c4636072d77d
67042ecb09a9f201dd298c4bb1b29f3493f5028b181e03792bc5c18c626e6b3a
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
681fc70dd7794e58bb9914ad02d6c02ee4e420d1f055d717db8fff2a2d47f0f3
68ea24e6ad53c32ef05f980d17b79f0b2700fc77803fad67294ea48dca01e6a4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fb6f7ec43a14319ab082b3d4ce3c97b80c7cb66a0d4c55b3fd0e8a4645ca050
70cb09b0124feca9ed56278fae1c53628fca241c2068315683eada6fd1fe11b4
743400827279a748ff4e9c0760b9d878206351259383b9913183294f68bc2871
74cbf4309493b22a2c6fc01d945c6d5be1dbdaaf2415af28b8da3d52d8b89f9c
75a8e65d4d104407c75b0bb533e09d3ff851e7f91c6d9398a846bd86397d3507
7674813d4294e6367c27576ac6ee63106685165081325a67fc0b3582ed53182f
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493
7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
879c70f239bc0e953b28884b6d243a94ea4b691ca32765cf4766dfb5301c017f
8b725f037fc61599399da5afafd3a830d2a3534ef6299a6b52dac4bc100c2b93
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8ede9442da1aa628410f13206a792fe8ea3d8315cc2dcbe4ed5cd95f83c84ca7
9168c769182b5cf1546793724579fa27cdc37663f5e91abcc24a7877230eedbf
940a598b825319f37bbdcc03e3ee10a32a5f2f90d76a2c59d7db83e31a511799
96964a152615d8455bbac7c9527520b00bb2c14ace438180323067d25eef74f6
977e62d1ff2593e20f9e9d8efd3d7315c9c978f781f61b832646f4d4a7d7da11
987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
992cba1ad4a5172f3505cd3d985819fa53afe4fcd300cce89ee9aa26e086d771
99fa4cb099e9c6c9fe247ffed6d67b39d1dd8d53729a9a694d76544e17acaadf
9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9e7d595f9089209fce023a961d31ea386f600d32a44094e000d830bc7bdd4e6d
9fe3f2c3dbccdda9252a07fd042043e0a0e1bf504233e52ed0ee56b12d7dec24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a4f03677f716f1db373f1c115b0199d7d777dd90634465e8e9de07ada8d96036
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a8c1bf3a8563abbcb895aa6b2fd0be7df538fbbd067b2a1377db84cc93ceac86
abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176
ae5ae5f25752450fc87cf9705569e705ad790f712a9ede11a3fda4ce29561ded
ae9eae61cb8f7317dad50a5fae22c904092500c3499d143c825cf1e8c399173b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b244bae75dedd90e86fc05bbc78b265ce610b81841f735aedf382ee004198d36
b5695fbe7187b04a80233bc08242242346eb7b61e327712f6bf5198d5322f569
b6f426fd4671ff1549ab3277e225d5d480feecbea8aed00eb23e7d3b63754d9c
b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcaa774dc90597228c2f5fc00198510ccd5eb16eabd7d01f20a26629b05edf58
be222ebe8d76ed95e6241fd6e80b43e87cee11ee97871ba3e0e6dcf439ad66b9
c2f50b9ea23d2642596c7e32eab84761ab9c95fb7d251d028d595f5b166b5823
c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4
c4c0a8864a3bc814420c6c0741377c9d0b4b62018c150a4195c358a396b078bd
c54dcc32bde6c85debc63110e0f15ae9bd336f25ef7e0aa319ce66cb0d25d2af
c5f80e8b2ce49cb4e240c2b130bef7e61f4f2771decb22a67139908f827f73a2
c74349191adf8b98c247533cb3258eb288d2b9be6108fbf2148da6b125750d51
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
ca72e8893a0cf88efb844d01e3629ad7751979f01026f6149de72285279b7968
cbca3c81aa061380e124145126df82aab08e00cc48625a66584cce7a12ce00ca
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce9c18a953a2eeb6d5efef7d4c04f4d73b055d3789152cbf42bd1b4dfd7e167b
cef013987a68a8dd57445801900c36a8b70a945e9b7fdcd15c8a9e0574ab3d98
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4
d3e776173afd35688e9c815151f676b6f2b537da0d1a728287826d539186fc45
d44d5b965d360cd9c8e2fdc4d06e115266a1fbcac34f1b511395e4f9059577a6
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d7c029999a8a624d37094cacffe0c6e266d918164068ce9b36a525f0bab0e3e0
d7ca90f5224456c5b0b3377d1dd87a5a96ee9f07b6b9ca0b86e4e757b3a0f50b
d886aab53efdd3aa1a92b59cd24b3e11aab1f5f2477acbde37d50044cd11af2e
d8db7221e276e32c4bd5809e8a53d5fe3ebbd7b3682a7ac5feaaa2c6ce667671
d8f71ce955efc4f94ec112be0a9e33c33667544ddadf1ae4f7321d2678781a22
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994
e1a9c23d69a88fcd0a963a54a877b7a872204ec394637f8ddaa2fa7137a3b485
e2291a09f97aa5abbac3745131d1420ca48172b1990ee6975c9d2f38046af4bb
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2461dfa543477f00bbd6f1cb1ac2d53d1b8816c3da3913673f95cef5f7fca5a
e39ecc1dbe0831e900df70b041272da3c188ae3668dfe4ee87c8b022543820e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5a8709a1c978bbdee2606a42b713586496c904986d0cbbfbfdd6e82cb35abf9
e79814ef2e9e554d6628d471735d3140c6caeb96d6154e35ddbdbf223e2ea9de
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e7c34824d9d89e5f0cf26c803ee530c9c58f53dcd00a7da8448285105d86d9af
e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257
eb752bc50264e20fb3409303a4ddacd0bf9528f9abbfa01bb7732821ac1caf4a
ec234d20baef61dfd0c13ad5e4d6c8b2f46066e08fb0df08a6d1bd426b302fde
ee355326792798f103e98de1800885cb089b9015ec830f9b5f54d1de51e3230c
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f3122174b8023e953b9111a90d35f42995df47f9dc138a32e44e284efc64ab77
f3c0bd2863093f223813795642fd0828ea5a4521079051a0d7a66c0459d01e19
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f836a0d4e328e71d6c818a8e5f25b4398d17f4b78610bb263a490c9cbb407748
fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997
fca065539b2528308771d1cf7df1d9dd782c38ef782ab5d13b3cc76ad9c0140b
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995