www.marchofdimes.org Open in urlscan Pro
2606:4700:10::6816:4345 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.marchofdimes.org/giving/support-email.aspx?srcCode=CCLGENEM2306CNT68727001&utm_source=modemail&utm_medium...
Effective URL:
https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&a...
Submission: On June 27 via api (June 27th 2023, 7:09:08 pm UTC) from US — Scanned from DE

Summary HTTP 303 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 86 IPs in 12 countries across 68 domains to perform 303 HTTP transactions. The main IP is 2606:4700:10::6816:4345, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.marchofdimes.org. The Cisco Umbrella rank of the primary domain is 373418.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 15th 2023. Valid for: a year.

This is the only time www.marchofdimes.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 42	2606:4700:10:... 2606:4700:10::6816:4345	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6812:a972	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
11	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	108.138.40.116 108.138.40.116	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
4	2a02:26f0:780... 2a02:26f0:780::210:a40a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
8	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
8	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 6	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
9	23.38.98.111 23.38.98.111	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2600:9000:219... 2600:9000:219c:4800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	23.96.109.67 23.96.109.67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	154.59.122.94 154.59.122.94	174 (COGENT-174) (COGENT-174)
2	44.199.66.14 44.199.66.14	14618 (AMAZON-AES) (AMAZON-AES)
2	2a02:2638:d::10 2a02:2638:d::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:217... 2600:9000:2171:4200:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
5 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
8 10	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 6	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
6	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	18.66.112.116 18.66.112.116	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	44.215.136.84 44.215.136.84	14618 (AMAZON-AES) (AMAZON-AES)
1	23.12.140.42 23.12.140.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
4	76.223.13.31 76.223.13.31	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:225e:f400:14:6bfc:5740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.22.54.118 104.22.54.118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	18.192.33.2 18.192.33.2	16509 (AMAZON-02) (AMAZON-02)
2 3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3 3	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2	23.218.208.23 23.218.208.23	16625 (AKAMAI-AS) (AKAMAI-AS)
3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	18.194.136.210 18.194.136.210	16509 (AMAZON-02) (AMAZON-02)
3	185.86.138.152 185.86.138.152	201081 (SMARTADSE...) (SMARTADSERVER)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 4	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
2	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
2	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 3	99.81.116.28 99.81.116.28	16509 (AMAZON-02) (AMAZON-02)
2	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1 3	18.203.90.154 18.203.90.154	16509 (AMAZON-02) (AMAZON-02)
2	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.125.198.113 3.125.198.113	16509 (AMAZON-02) (AMAZON-02)
2	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2600:1f18:612... 2600:1f18:612b:4200:f677:2600:2836:f912	14618 (AMAZON-AES) (AMAZON-AES)
2	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
2	2.22.155.103 2.22.155.103	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.248.97.165 3.248.97.165	16509 (AMAZON-02) (AMAZON-02)
2	44.215.137.250 44.215.137.250	14618 (AMAZON-AES) (AMAZON-AES)
2	52.218.153.120 52.218.153.120	16509 (AMAZON-02) (AMAZON-02)
12	35.156.192.184 35.156.192.184	16509 (AMAZON-02) (AMAZON-02)
1	52.58.191.52 52.58.191.52	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
6	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
1	35.81.31.24 35.81.31.24	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:218d:ea00:14:4f74:f880:21	16509 (AMAZON-02) (AMAZON-02)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
2	34.254.148.66 34.254.148.66	16509 (AMAZON-02) (AMAZON-02)
1	54.244.31.99 54.244.31.99	16509 (AMAZON-02) (AMAZON-02)
2	3.19.254.15 3.19.254.15	16509 (AMAZON-02) (AMAZON-02)
303	86

42 2606:4700:10::6816:4345 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.marchofdimes.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
give.marchofdimes.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:a972 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.133 (United States) 1 redirects

ASN54113 (FASTLY, US)

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.40.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-40-116.muc50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:780::210:a40a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

8832015.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.38.98.111 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-111.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:219c:4800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.96.109.67 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.59.122.94 (United States)

ASN174 (COGENT-174, US)

e.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.199.66.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-66-14.compute-1.amazonaws.com

px.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2171:4200:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 5 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:d::d (France) 8 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.7.11 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-116.fra56.r.cloudfront.net

static-na.payments-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.215.136.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-136-84.compute-1.amazonaws.com

payments.amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.12.140.42 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a23-12-140-42.deploy.static.akamaitechnologies.com

origin.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.13.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae1d37305401c759d.awsglobalaccelerator.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:f400:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.ywxi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.54.118 (None, )

ASN13335 (CLOUDFLARENET, US)

widgets.guidestar.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.192.33.2 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-33-2.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.123 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.53 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.136.210 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-136-210.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.81.116.28 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-116-28.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.203.90.154 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-90-154.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.198.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-198-113.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4200:f677:2600:2836:f912 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.22.155.103 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-155-103.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.97.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-97-165.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.215.137.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-137-250.compute-1.amazonaws.com

apay-us.amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.153.120 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.156.192.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-192-184.eu-central-1.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.191.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-191-52.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (United States)

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.31.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-31-24.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:218d:ea00:14:4f74:f880:21 (United States)

ASN16509 (AMAZON-02, US)

d2ldlvi1yef00y.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.148.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-148-66.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.244.31.99 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-31-99.us-west-2.compute.amazonaws.com

www.trustedsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.19.254.15 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-254-15.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	marchofdimes.org 1 redirects www.marchofdimes.org — Cisco Umbrella Rank: 373418 give.marchofdimes.org — Cisco Umbrella Rank: 762786	1 MB
22	criteo.com 10 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3367 gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102 sslwidget.criteo.com — Cisco Umbrella Rank: 1751 widget.us.criteo.com — Cisco Umbrella Rank: 17561 dis.criteo.com — Cisco Umbrella Rank: 608	58 KB
20	doubleclick.net 6 redirects 8832015.fls.doubleclick.net — Cisco Umbrella Rank: 744996 ad.doubleclick.net — Cisco Umbrella Rank: 184 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	42 KB
16	braintreegateway.com 1 redirects js.braintreegateway.com — Cisco Umbrella Rank: 7273 client-analytics.braintreegateway.com — Cisco Umbrella Rank: 8876 assets.braintreegateway.com — Cisco Umbrella Rank: 18903	42 KB
12	bing.com bat.bing.com — Cisco Umbrella Rank: 390	50 KB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	110 KB
11	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	750 KB
9	google.com adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	30 KB
9	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 718	234 KB
8	paypal.com 1 redirects c.paypal.com — Cisco Umbrella Rank: 5528 b.stats.paypal.com — Cisco Umbrella Rank: 4987 dub.stats.paypal.com — Cisco Umbrella Rank: 19488 c6.paypal.com — Cisco Umbrella Rank: 6614	45 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com maps.gstatic.com	408 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	309 B
8	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	573 KB
8	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1250 pixel.quantserve.com — Cisco Umbrella Rank: 1003	38 KB
8	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 918 trc.taboola.com — Cisco Umbrella Rank: 634 sync-t1.taboola.com — Cisco Umbrella Rank: 1321 trc-events.taboola.com — Cisco Umbrella Rank: 1860	40 KB
7	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414 www.linkedin.com — Cisco Umbrella Rank: 544 px4.ads.linkedin.com — Cisco Umbrella Rank: 6544	6 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88 maps.googleapis.com — Cisco Umbrella Rank: 399	227 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 257 secure.adnxs.com — Cisco Umbrella Rank: 469	6 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 407	134 KB
5	amazon.com payments.amazon.com — Cisco Umbrella Rank: 22393 apay-us.amazon.com — Cisco Umbrella Rank: 39683	3 KB
4	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	1 KB
4	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 9933	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 4752	779 B
4	acuityplatform.com e.acuityplatform.com — Cisco Umbrella Rank: 14716 origin.acuityplatform.com — Cisco Umbrella Rank: 19021 ums.acuityplatform.com — Cisco Umbrella Rank: 1453	5 KB
4	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1172	5 KB
4	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	11 KB
4	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1592 insight.adsrvr.org — Cisco Umbrella Rank: 603	5 KB
3	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 670	1 KB
3	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 218	3 KB
3	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1573	2 KB
3	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 338	155 B
3	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 623	489 B
3	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 374	717 B
2	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2046	535 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 620	675 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 524	1 KB
2	amazonaws.com s3-us-west-2.amazonaws.com	2 KB
2	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2245	75 B
2	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3886	800 B
2	twiago.com a.twiago.com — Cisco Umbrella Rank: 26095	306 B
2	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2505	797 B
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 797	1009 B
2	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 778	290 B
2	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1226	2 KB
2	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2951	377 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 423	2 KB
2	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1006	330 B
2	adform.net cm.adform.net — Cisco Umbrella Rank: 1276	323 B
2	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 422	279 B
2	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2136	326 B
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 566	715 B
2	media.net contextual.media.net — Cisco Umbrella Rank: 675	1 KB
2	ywxi.net cdn.ywxi.net — Cisco Umbrella Rank: 11600	14 KB
2	payments-amazon.com static-na.payments-amazon.com — Cisco Umbrella Rank: 18199	118 KB
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031	772 B
2	adentifi.com px.adentifi.com — Cisco Umbrella Rank: 12797	69 B
2	doublethedonation.com doublethedonation.com — Cisco Umbrella Rank: 64201	113 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135	9 KB
2	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1191	95 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1174	14 KB
1	trustedsite.com www.trustedsite.com — Cisco Umbrella Rank: 18592	1003 B
1	cloudfront.net d2ldlvi1yef00y.cloudfront.net	4 KB
1	kaptcha.com ssl.kaptcha.com — Cisco Umbrella Rank: 9057	366 B
1	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 1538	305 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 1060	311 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 533	499 B
1	guidestar.org widgets.guidestar.org — Cisco Umbrella Rank: 43836	4 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1032	5 KB
303	68

	Domain	Requested by
24	give.marchofdimes.org	www.marchofdimes.org give.marchofdimes.org static.cloudflareinsights.com
18	www.marchofdimes.org	1 redirects www.marchofdimes.org static.cloudflareinsights.com
12	client-analytics.braintreegateway.com	give.marchofdimes.org
12	bat.bing.com	www.googletagmanager.com bat.bing.com 8832015.fls.doubleclick.net
11	www.googletagmanager.com	www.marchofdimes.org www.googletagmanager.com give.marchofdimes.org
10	gum.criteo.com	8 redirects dynamic.criteo.com
9	analytics.tiktok.com	www.marchofdimes.org analytics.tiktok.com
8	www.facebook.com	8832015.fls.doubleclick.net
8	connect.facebook.net	www.marchofdimes.org connect.facebook.net 8832015.fls.doubleclick.net
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
7	www.google.com	give.marchofdimes.org www.gstatic.com www.google.com
6	maps.googleapis.com	www.marchofdimes.org maps.googleapis.com
6	ad.doubleclick.net	2 redirects www.marchofdimes.org
6	cdn.cookielaw.org	www.marchofdimes.org cdn.cookielaw.org
5	c.paypal.com	give.marchofdimes.org c.paypal.com
4	dis.criteo.com
4	x.bidswitch.net	2 redirects www.marchofdimes.org
4	payments.braintree-api.com	give.marchofdimes.org
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.de
4	pixel.quantserve.com	8832015.fls.doubleclick.net
4	px.ads.linkedin.com	4 redirects
4	googleads.g.doubleclick.net	www.googletagmanager.com
4	rules.quantcount.com	secure.quantserve.com
4	secure.quantserve.com	www.googletagmanager.com 8832015.fls.doubleclick.net
4	8832015.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	snap.licdn.com	www.googletagmanager.com snap.licdn.com
3	ad.360yield.com	1 redirects www.marchofdimes.org
3	dpm.demdex.net	1 redirects
3	r.casalemedia.com	1 redirects www.marchofdimes.org
3	ups.analytics.yahoo.com	8832015.fls.doubleclick.net
3	rtb-csync.smartadserver.com	8832015.fls.doubleclick.net www.marchofdimes.org
3	pixel.rubiconproject.com	8832015.fls.doubleclick.net
3	secure.adnxs.com	1 redirects www.marchofdimes.org
3	ib.adnxs.com	3 redirects
3	cm.g.doubleclick.net	2 redirects 8832015.fls.doubleclick.net
3	payments.amazon.com	static-na.payments-amazon.com
3	region1.google-analytics.com	www.googletagmanager.com
3	js.braintreegateway.com	give.marchofdimes.org
2	s.thebrighttag.com
2	maps.gstatic.com
2	beacon.krxd.net
2	fonts.gstatic.com	www.google.com
2	pixel.tapad.com	2 redirects
2	trc-events.taboola.com	cdn.taboola.com
2	s3-us-west-2.amazonaws.com	cdn.ywxi.net
2	apay-us.amazon.com	static-na.payments-amazon.com
2	sync-criteo.ads.yieldmo.com
2	ad.yieldlab.net
2	a.twiago.com	www.marchofdimes.org
2	criteo-partners.tremorhub.com	www.marchofdimes.org
2	simage2.pubmatic.com	www.marchofdimes.org
2	sync.outbrain.com	www.marchofdimes.org
2	exchange.mediavine.com
2	matching.ivitrack.com	www.marchofdimes.org
2	id5-sync.com	www.marchofdimes.org
2	visitor.omnitagjs.com	www.marchofdimes.org
2	cm.adform.net	www.marchofdimes.org
2	eb2.3lift.com	www.marchofdimes.org
2	criteo-sync.teads.tv	www.marchofdimes.org
2	sync-t1.taboola.com
2	match.sharethrough.com
2	contextual.media.net	www.marchofdimes.org
2	cdn.ywxi.net	give.marchofdimes.org
2	static-na.payments-amazon.com	give.marchofdimes.org static-na.payments-amazon.com
2	widget.us.criteo.com	8832015.fls.doubleclick.net
2	sslwidget.criteo.com	2 redirects
2	mug.criteo.com	8832015.fls.doubleclick.net
2	px4.ads.linkedin.com
2	cdn.linkedin.oribi.io	snap.licdn.com
2	insight.adsrvr.org	js.adsrvr.org
2	adservice.google.com	8832015.fls.doubleclick.net
2	dynamic.criteo.com	8832015.fls.doubleclick.net
2	px.adentifi.com	8832015.fls.doubleclick.net
2	e.acuityplatform.com	8832015.fls.doubleclick.net origin.acuityplatform.com
2	doublethedonation.com	give.marchofdimes.org
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	pagead2.googlesyndication.com	ad.doubleclick.net
2	trc.taboola.com	cdn.taboola.com
2	www.googleoptimize.com	www.googletagmanager.com
2	cdn.taboola.com	www.googletagmanager.com
2	js.adsrvr.org	www.googletagmanager.com
2	static.cloudflareinsights.com	www.marchofdimes.org give.marchofdimes.org
1	www.trustedsite.com	cdn.ywxi.net
1	c6.paypal.com
1	dub.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	d2ldlvi1yef00y.cloudfront.net
1	ssl.kaptcha.com	give.marchofdimes.org
1	assets.braintreegateway.com	1 redirects
1	pixel.advertising.com	1 redirects
1	ums.acuityplatform.com	8832015.fls.doubleclick.net
1	ce.lijit.com	8832015.fls.doubleclick.net
1	aa.agkn.com	8832015.fls.doubleclick.net
1	widgets.guidestar.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	origin.acuityplatform.com	8832015.fls.doubleclick.net
1	maxcdn.bootstrapcdn.com	give.marchofdimes.org
1	www.linkedin.com	1 redirects
1	fonts.googleapis.com	www.marchofdimes.org
303	100

This site contains links to these domains. Also see Links.

Domain
gifts.marchofdimes.org
nacersano.marchofdimes.org
bit.ly
www.tiktok.com
youtube.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-15` - `2024-04-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-07` - `2023-07-06`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
doublethedonation.com R3	`2023-06-04` - `2023-09-02`	3 months	crt.sh
*.acuityplatform.com Go Daddy Secure Certificate Authority - G2	`2023-04-13` - `2024-05-14`	a year	crt.sh
adentifi.com Amazon RSA 2048 M02	`2023-02-22` - `2023-09-03`	6 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
static-na.payments-amazon.com Amazon RSA 2048 M02	`2023-05-23` - `2024-06-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
payments.amazon.com Amazon RSA 2048 M01	`2023-04-25` - `2024-03-27`	a year	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2022-09-15` - `2023-10-16`	a year	crt.sh
*.ywxi.net Amazon RSA 2048 M02	`2023-06-05` - `2024-07-03`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
itm.ivitrack.com R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
apay-us.amazon.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-28`	9 months	crt.sh
client-analytics.braintreegateway.com DigiCert SHA2 High Assurance Server CA	`2023-02-24` - `2024-03-26`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
ssl.kaptcha.com Sectigo RSA Organization Validation Secure Server CA	`2022-10-18` - `2023-10-18`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.trustedsite.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-09`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Frame ID: 21AA8A92C29F19F7FE36F9CBD89EF707
Requests: 92 HTTP requests in this frame

Frame: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
Frame ID: F23A1398E0FF1809A1040FD4874CD0A0
Requests: 103 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/activityi;dc_pre=CJKPkpmT5P8CFYmrsgoddjkNpA;src=8832015;type=rt;cat=donforms;ord=7617268166791;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
Frame ID: C2096247C9322F688FEC62E835DD2121
Requests: 16 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=2n62y3m&ref=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&upid=b8lvzxo&upv=1.1.0
Frame ID: 8F067B70CA7C5F455860EB30AC16032E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Frame ID: 4295B82720F03554CECD332C842A7A5C
Requests: 2 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/activityi;dc_pre=CJHUz5mT5P8CFYfFsgod0eoJQQ;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2
Frame ID: E23FD486D5DB720FFA6D3F6C096B3506
Requests: 24 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=2n62y3m&ref=https%3A%2F%2Fwww.marchofdimes.org%2F&upid=b8lvzxo&upv=1.1.0
Frame ID: 2EFE34B5B7BD088BACF475DD32B90103
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf_Xq4UAAAAAHd1hKHMAy-iydWdiqmt5E-IKeak&co=aHR0cHM6Ly9naXZlLm1hcmNob2ZkaW1lcy5vcmc6NDQz&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=oxei8q6p100v
Frame ID: A18BABE7D2BF2BB01B136A54B1CC0C19
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Frame ID: 5E13CCFDDDF9462448152F491E35F1C0
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1RG5-GhInH8tgqTsF0fYkXyobCM_2gih6cCDnw&expires=30
Frame ID: AAA7D724CC0B6D7F745A8CCAEAFAB7C6
Requests: 28 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=null&s=b9c305ac30b1408f137ad1623af4362c
Frame ID: 9A0181945F62712D22FA4FCCC47E90F0
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: E6024AF6BF424893B2B741F71F3C9EDF
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=e01b5260283bb1f387a72838238fbf98&t=1687892942.27&a=14
Frame ID: CF9AED1B257EE035E8353920151B11CC
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-1RG5-GhInH8tgqTsF0fYkXyobCM_2gih6cCDnw&expires=30
Frame ID: B52964845D6F134B2A9FD6C1E0766AAB
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Support Email | March of DimesCloseCloseCloseCloseCloseCloseCloseCloseBack ButtonSearch IconFilter IconArrow

Page URL History Show full URLs

https://www.marchofdimes.org/giving/support-email.aspx?srcCode=CCLGENEM2306CNT68727001&utm_source=mod... HTTP 301
https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Braintree (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.braintreegateway\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

303
Requests

91 %
HTTPS

34 %
IPv6

68
Domains

100
Subdomains

86
IPs

12
Countries

4498 kB
Transfer

13420 kB
Size

83
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://gifts.marchofdimes.org/
Title: Gift Guide

Search URL Search Domain Scan URL

URL: https://nacersano.marchofdimes.org/
Title: Nacersano

Search URL Search Domain Scan URL

URL: http://bit.ly/FBMarchofDimes
Title: March of Dimes Facebook

Search URL Search Domain Scan URL

URL: http://bit.ly/MODInsta
Title: March of Dimes Instagram

Search URL Search Domain Scan URL

URL: http://bit.ly/MarchofDimesLI
Title: March of Dimes LinkedIn

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@marchofdimes
Title: March of Dimes TikTok

Search URL Search Domain Scan URL

URL: http://bit.ly/MODTwitter
Title: March of Dimes Twitter

Search URL Search Domain Scan URL

URL: http://youtube.com/marchofdimes
Title: March of Dimes YouTube Channel

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.marchofdimes.org/giving/support-email.aspx?srcCode=CCLGENEM2306CNT68727001&utm_source=modemail&utm_medium=email&utm_campaign=2023oth&utm_content=em-loc-txho-2023oth-texas-heb-campaign2 HTTP 301
https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=7617268166791;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2 HTTP 302
https://8832015.fls.doubleclick.net/activityi;dc_pre=CJKPkpmT5P8CFYmrsgoddjkNpA;src=8832015;type=rt;cat=donforms;ord=7617268166791;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2

Request Chain 61

https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CPKhkZmT5P8CFVbyEQgdr-AHGA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 94

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1687892940791&url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1687892940791&url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3446297%26time%3D1687892940791%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1687892940791&url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1687892940791&url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&cookiesTest=true&liSync=true&e_ipv6=AQK-RrTh1WAGRwAAAYj-QlqYBJ1jrhZFVrQdCrNKQQotMTX0imbxw7Wg7Bk_rmqAhJmXVCQk5B1ePA

Request Chain 113

https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=www.marchofdimes.org&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=7PaOTHx3VmxqOFR3TWFVNG9jQ0FYQmZIZldzMndja2owcDJzZW5yYVUzRm16bmsrTFBGZHRIQm1WcWcyNFNJV2dxZ0swQ1lPeVBnWlY0SGdWUTE3eFRQdEhOT1NnRU9MRGRvL3dqZnFJNStSYjNVYW4vWjRCaXRMQTdacStMUkZ1UGxUaEFER3ZrN3N4OVRIcnp4Y2wyeExyZzI2YTZRYTVGeVY1azkrQUdCdUpxRHUrUklqdENUZW9lOEtESmFxbW9ZeDBqeGpPeEo4RUREK2Y2QUprd2FHRys0NFYzUkE0VmwwY2FMeHArRHlJczdHLzk4SmRwamFYODVOVFhjRmtlbUpBZkdtZ0pBSmR6cmpVOHBjRUtNV1U1ZkxkQ29GQmFsOXR3MnhVOU5hOWg3S21IUlp6S3BQN3lTSUJyZGxUVFdxQXw&cppv=2

Request Chain 121

https://sslwidget.criteo.com/event?a=81237&v=5.16.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=qkA2_l8zJTJGaHlXT2hQY2VWcCUyRjRKSHl0TEFud1N3ekhiRWhrNThJNUtrQ0YlMkJsV2tsWVY1Wkxjb3N3TldjdXY4WkpyJTJGaUE4aGh6MzV6Q0J3RUxDV2xLZ0xrR2tpaXJDVk9Gc2NUcE9POUV2SHFuVXdkJTJCZnhpaE1ob01XcUVVRjNhM0FWYnhEQUZTY2ZuS0hFSGRLVGd0clYwWG1Qd04lMkJySmIlMkJsUEtFY1RJZGN4dm5NRSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=7ced9a36-52c1-4969-9d77-eef7e526e56a&dtycbr=63446 HTTP 302
https://widget.us.criteo.com/event?a=81237&v=5.16.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=qkA2_l8zJTJGaHlXT2hQY2VWcCUyRjRKSHl0TEFud1N3ekhiRWhrNThJNUtrQ0YlMkJsV2tsWVY1Wkxjb3N3TldjdXY4WkpyJTJGaUE4aGh6MzV6Q0J3RUxDV2xLZ0xrR2tpaXJDVk9Gc2NUcE9POUV2SHFuVXdkJTJCZnhpaE1ob01XcUVVRjNhM0FWYnhEQUZTY2ZuS0hFSGRLVGd0clYwWG1Qd04lMkJySmIlMkJsUEtFY1RJZGN4dm5NRSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=7ced9a36-52c1-4969-9d77-eef7e526e56a&dtycbr=63446

Request Chain 136

https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2 HTTP 302
https://8832015.fls.doubleclick.net/activityi;dc_pre=CJHUz5mT5P8CFYfFsgod0eoJQQ;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2

Request Chain 142

https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CILwzpmT5P8CFYzhuwgdPf8C6w;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 176

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1687892941953&url=https%3A%2F%2Fwww.marchofdimes.org%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1687892941953&url=https%3A%2F%2Fwww.marchofdimes.org%2F&e_ipv6=AQI8pB-tisQmOAAAAYj-QlzX-n68FfLlmz7Yk4RKf_IAzzZJB5LQqAHQFmAE-lrZwcqKGL6z-Rc-nQ

Request Chain 180

https://sslwidget.criteo.com/event?a=81237&v=5.16.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fgive.marchofdimes.org&p1=e%3Dvh&p2=e%3Ddis&bundle=qkA2_l8zJTJGaHlXT2hQY2VWcCUyRjRKSHl0TEFud1N3ekhiRWhrNThJNUtrQ0YlMkJsV2tsWVY1Wkxjb3N3TldjdXY4WkpyJTJGaUE4aGh6MzV6Q0J3RUxDV2xLZ0xrR2tpaXJDVk9Gc2NUcE9POUV2SHFuVXdkJTJCZnhpaE1ob01XcUVVRjNhM0FWYnhEQUZTY2ZuS0hFSGRLVGd0clYwWG1Qd04lMkJySmIlMkJsUEtFY1RJZGN4dm5NRSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=97ed2317-887b-480b-a23f-43e6a2ff4453&dtycbr=65470 HTTP 302
https://widget.us.criteo.com/event?a=81237&v=5.16.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fgive.marchofdimes.org&p1=e%3Dvh&p2=e%3Ddis&bundle=qkA2_l8zJTJGaHlXT2hQY2VWcCUyRjRKSHl0TEFud1N3ekhiRWhrNThJNUtrQ0YlMkJsV2tsWVY1Wkxjb3N3TldjdXY4WkpyJTJGaUE4aGh6MzV6Q0J3RUxDV2xLZ0xrR2tpaXJDVk9Gc2NUcE9POUV2SHFuVXdkJTJCZnhpaE1ob01XcUVVRjNhM0FWYnhEQUZTY2ZuS0hFSGRLVGd0clYwWG1Qd04lMkJySmIlMkJsUEtFY1RJZGN4dm5NRSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=97ed2317-887b-480b-a23f-43e6a2ff4453&dtycbr=65470

Request Chain 199

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-1RG5-GhInH8tgqTsF0fYkXyobCM_2gih6cCDnw&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1RG5-GhInH8tgqTsF0fYkXyobCM_2gih6cCDnw&expires=30

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-pQMeLmhInH8tgqTsF0fYkXyobCMkAilKtvAmLA&google_cm&google_hm=ay1wUU1lTG1oSW5IOHRncVRzRjBmWWtYeW9iQ01rQWlsS3R2QW1MQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pQMeLmhInH8tgqTsF0fYkXyobCMkAilKtvAmLA&google_gid=CAESEJF5l6koTRP69U7O-9Yj9S0&google_cver=1&google_ula=913071,0

Request Chain 201

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3003998535865391893

Request Chain 202

https://secure.adnxs.com/setuid?entity=52&code=k-kiTahGhInH8tgqTsF0fYkXyobCOzAPi0nixBAg HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-kiTahGhInH8tgqTsF0fYkXyobCOzAPi0nixBAg

Request Chain 213

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WEV6qWhInH8tgqTsF0fYkXyobCMCHjKOQKzmxg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WEV6qWhInH8tgqTsF0fYkXyobCMCHjKOQKzmxg&C=1

Request Chain 214

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=UFdbytx7ZzdMELwnZ9fNLkSVpFe8N9pK HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=UFdbytx7ZzdMELwnZ9fNLkSVpFe8N9pK

Request Chain 216

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ZviDmWhInH8tgqTsF0fYkXyobCOqL2DXYvssZQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ZviDmWhInH8tgqTsF0fYkXyobCOqL2DXYvssZQ

Request Chain 234

https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=2&topUrl=www.marchofdimes.org&bundle=qkA2_l8zJTJGaHlXT2hQY2VWcCUyRjRKSHl0TEFud1N3ekhiRWhrNThJNUtrQ0YlMkJsV2tsWVY1Wkxjb3N3TldjdXY4WkpyJTJGaUE4aGh6MzV6Q0J3RUxDV2xLZ0xrR2tpaXJDVk9Gc2NUcE9POUV2SHFuVXdkJTJCZnhpaE1ob01XcUVVRjNhM0FWYnhEQUZTY2ZuS0hFSGRLVGd0clYwWG1Qd04lMkJySmIlMkJsUEtFY1RJZGN4dm5NRSUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=LX24m3xnVjFYdVJDUDNPTm1xWjdzU3FpTDJKTzJsSmhmdUlRQjhTdzd1a05WMHE2cStrZVR6WWJINlNBRytuYkZDMnJpcEVuMCtsME9JUEQrTFZ5VGJ0TkxVWHBoU09KeWl6ZW9XYlFRZmJaQ1FoeTdqdjVNTG5GQVJmaTdnNG43aVFpcEVhbEQyc0xzbVVXZmZ4Z0xseWhLa2U1bk9oeU1DRG5hb2lDSzcyME9weVZGNkVQUENXSFNtMGxvTkhVTTZuYnR5NTNReHYyL1VlV2ZZNXR3UTJpdUpsVWQ3YjI2QzI4WCtkNFpOYU5tcnd6eFU1TFdxSXk1a1NhMHNJZEpzeWFBU1NkZGw2VlNGNDJPYWJzWUIyelFjS2FZaDR4NXBvRm9ybE9DN21EaXRkSnBIVmFyT3paWHc0SjlaeTFKekIrdkg0V3dtanlFRHpDYU1sSU9JODlsS3c9PXw&cppv=2

Request Chain 244

https://x.bidswitch.net/sync?dsp_id=236&user_id=794645753824&expires=30&user_group=1 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=6ef01bf4-6e69-4e4a-ac1c-44cc403fea99&gdpr=&gdpr_consent=

Request Chain 248

https://pixel.tapad.com/idsync/ex/receive?partner_id=3150&partner_device_id=794645753824&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D794645753824%26uid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3150&partner_device_id=794645753824&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D794645753824%26uid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://ums.acuityplatform.com/sum?umid=64&auid=794645753824&uid=96308d54-bc72-4b54-bda5-59aa45f06ee1

Request Chain 249

https://pixel.advertising.com/ups/55950/sync?uid=794645753824&_origin=1 HTTP 301
https://ups.analytics.yahoo.com/ups/55950/sync?uid=794645753824&_origin=1

Request Chain 260

https://assets.braintreegateway.com/data/logo.htm?m=null&s=b9c305ac30b1408f137ad1623af4362c HTTP 302
https://ssl.kaptcha.com/logo.htm?m=null&s=b9c305ac30b1408f137ad1623af4362c

Request Chain 269

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=e01b5260283bb1f387a72838238fbf98&t=1687892942.27&a=14 HTTP 302
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=e01b5260283bb1f387a72838238fbf98&t=1687892942.27&a=14

Request Chain 271

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=qIj0NdG1uJoir7PRtEfccXhslftxXUK0

Request Chain 278

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-pQMeLmhInH8tgqTsF0fYkXyobCMkAilKtvAmLA&google_cm&google_hm=ay1wUU1lTG1oSW5IOHRncVRzRjBmWWtYeW9iQ01rQWlsS3R2QW1MQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pQMeLmhInH8tgqTsF0fYkXyobCMkAilKtvAmLA&google_gid=CAESEJF5l6koTRP69U7O-9Yj9S0&google_cver=1&google_ula=913071,0

Request Chain 279

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3003998535865391893

Request Chain 288

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=391g6yqKjbwweMoFa6X_C0pBEMFDvQhJ

Request Chain 310

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=g1D6s1I5memL1n6VA4fpkhbko6Qrtrgs

Request Chain 311

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=c5nEVNYwrU7uf_qm7E73_x21sFk694gv

Request Chain 312

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=qk71-4KhN37nQmg1g5_sKrEXi6gpptX7

303 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request support-email Show response
www.marchofdimes.org/
Redirect Chain

https://www.marchofdimes.org/giving/support-email.aspx?srcCode=CCLGENEM2306CNT68727001&utm_source=modemail&utm_medium=email&utm_campaign=2023oth&utm_content=em-loc-txho-2023oth-texa...
https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-he...

35 KB
7 KB

568ms
568ms

Document
text/html

2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.17

Resource Hash

80e3c5b69da6c738af26cccbbf96cc8ce1eba1c739f89d5d009657f7c752a1a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7ddffb575f320414-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=UTF-8
date: Tue, 27 Jun 2023 19:08:59 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-drupal-cache: MISS
x-drupal-dynamic-cache: UNCACHEABLE
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-powered-by: PHP/8.1.17
x-ua-compatible: IE=edge

Redirect headers

cache-control: must-revalidate, no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7ddffb53daa40414-FRA
content-language: en
content-type: text/html; charset=UTF-8
date: Tue, 27 Jun 2023 19:08:59 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
location: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
server: cloudflare
x-content-type-options: nosniff
x-drupal-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-powered-by: PHP/8.1.17
x-redirect-id: 1414
x-ua-compatible: IE=edge

GET
H2 200 css_i_IAUTuyaYflulzov9QOquZ0DRt2fYtf1VYDyYjfHo8.css
www.marchofdimes.org/sites/default/files/css/ 8 KB
2 KB 140ms
139ms Stylesheet
text/css 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.marchofdimes.org/sites/default/files/css/css_i_IAUTuyaYflulzov9QOquZ0DRt2fYtf1VYDyYjfHo8.css
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3c193a2e64fe803deba1f8c52fbec46e6a2089c546d8b18dc1f9a56ec4ca692

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 26 Jun 2023 21:32:33 GMT
server: cloudflare
cf-polished: origSize=8629
etag: W/"21b5-5ff0f16af8c08-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ddffb5afb9d0414-FRA

GET
H2 200 css2
fonts.googleapis.com/ 19 KB
1 KB 94ms
39ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap

Requested by

Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eefe1e7d99ab4810bfb479ff54c275efb459b6ae9abfebfd221c4a518ead27d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 18:58:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Jun 2023 19:09:00 GMT

GET
H2 200 css_qQbv3sSeXJYzmvuHMNy9yIfWTRVfe9Xjs1VkSSUDJqc.css
www.marchofdimes.org/sites/default/files/css/ 168 KB
30 KB 134ms
134ms Stylesheet
text/css 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.marchofdimes.org/sites/default/files/css/css_qQbv3sSeXJYzmvuHMNy9yIfWTRVfe9Xjs1VkSSUDJqc.css
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aec8d9188f95b588e43c5e1b0afdce5220b5fd187dba5d29f991951af932d26c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 26 Jun 2023 21:32:34 GMT
server: cloudflare
cf-polished: origSize=173230
etag: W/"2a4ae-5ff0f16b6fe48-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ddffb5afba00414-FRA

GET
H2 200 rocket-loader.min.js Show response
www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 25ms
25ms Script
application/javascript 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Jun 2023 09:29:09 GMT
server: cloudflare
etag: W/"64941465-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7ddffb5afba10414-FRA
expires: Thu, 29 Jun 2023 19:08:59 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 122ms
73ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://www.marchofdimes.org/
Origin: https://www.marchofdimes.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7ddffb5b48d09963-FRA

GET
H2 200 sprite.artifact.svg
www.marchofdimes.org/themes/gesso/dist/images/ 6 KB
2 KB 29ms
29ms Other
image/svg+xml 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.marchofdimes.org/themes/gesso/dist/images/sprite.artifact.svg
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Jun 2023 21:21:19 GMT
server: cloudflare
age: 4064
etag: W/"19d4-5ff0eee77b1c0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7ddffb5afba20414-FRA

GET
H2 200 js_Zv7ojr4Ypyqjo1g2EIX4lQLY46BHPH-ABZKqTmoibf0.js Show response
www.marchofdimes.org/sites/default/files/js/ 12 KB
3 KB 141ms
140ms Script
application/javascript 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.marchofdimes.org/sites/default/files/js/js_Zv7ojr4Ypyqjo1g2EIX4lQLY46BHPH-ABZKqTmoibf0.js
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 162692cee65928b3636189ce96876a1634e775c2ae219bdb100cb2580cba323e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 26 Jun 2023 21:32:34 GMT
server: cloudflare
cf-polished: origSize=12370
etag: W/"3052-5ff0f16bee5b8-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ddffb5bfcc50414-FRA

GET
H2 200 reminder.js Show response
give.marchofdimes.org/ 4 KB
1 KB 35ms
33ms Script
application/javascript 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/reminder.js
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f6cfb0d3d7be77e19468d1f315e892963adf4975af43084e66d25d5b6a7edce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 20:55:47 GMT
server: cloudflare
age: 4464
cf-polished: origSize=6167
etag: W/"821a745ec13d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7ddffb5bfccb0414-FRA

GET
H2 200 js_wW_dXnGRu-6sPtAvcvQan7Ff0GOXafTPZxGeDf8UFy8.js Show response
www.marchofdimes.org/sites/default/files/js/ 160 KB
62 KB 36ms
35ms Script
application/javascript 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.marchofdimes.org/sites/default/files/js/js_wW_dXnGRu-6sPtAvcvQan7Ff0GOXafTPZxGeDf8UFy8.js
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8baad8c872e6151f0eebedff088050aa8570d12e30c5ba3e28c4b2cf0a104ebd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 26 Jun 2023 21:32:33 GMT
server: cloudflare
age: 204
cf-polished: origSize=165572
etag: W/"286c4-5ff0f16b2f708-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ddffb5bfcc90414-FRA

GET
H2 200 form.js Show response
give.marchofdimes.org/ 4 KB
2 KB 130ms
129ms Script
application/javascript 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/form.js
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 50afc1962e4dc0407de9a4a19fe336d29ef2743f2cc8993dd423e24fd5b8b0b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 10 Feb 2023 17:16:27 GMT
server: cloudflare
cf-polished: origSize=6430
etag: W/"6369f768733dd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7ddffb5bfcce0414-FRA

GET
H2 200 google_tag.script.js Show response
www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/ 348 B
339 B 140ms
139ms Script
application/javascript 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/google_tag.script.js?rwx7pw
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2717d806962fe1e4c9810ca869fb82c8bbd86638ca6787d01ff8c947c20df3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 27 Jun 2023 16:42:07 GMT
server: cloudflare
etag: W/"15c-5ff1f25d2a480-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ddffb5bfcca0414-FRA

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 82ms
31ms Script
application/javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ss3gfiwT9vXTSvNlfc+4JQ==
age: 10032
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6820
x-ms-lease-status: unlocked
last-modified: Mon, 26 Jun 2023 18:15:29 GMT
server: cloudflare
etag: 0x8DB7671529D7907
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f7f39f14-f01e-0180-5767-a83d19000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7ddffb5c4c8f9255-FRA

GET
H2 200 coronavirus-bg-donation-1400x940.png
www.marchofdimes.org/sites/default/files/2022-10/ 165 KB
166 KB 131ms
130ms Image
image/webp 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.marchofdimes.org/sites/default/files/2022-10/coronavirus-bg-donation-1400x940.png
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4c9dcbc2a886326a35aebbb23d52ede5de4e5012008d3be27eaf2ba380b9864

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Tue, 25 Oct 2022 16:55:25 GMT
server: cloudflare
cf-polished: origFmt=png, origSize=270862
etag: "4220e-5ebdec6417940"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
content-disposition: inline; filename="coronavirus-bg-donation-1400x940.webp"
accept-ranges: bytes
cf-ray: 7ddffb5bfcd20414-FRA
content-length: 169210

GET
H2 200 fcdafeaf549fc682810d.svg
www.marchofdimes.org/themes/gesso/dist/images/ 8 KB
3 KB 52ms
51ms Image
image/svg+xml 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.marchofdimes.org/themes/gesso/dist/images/fcdafeaf549fc682810d.svg
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_qQbv3sSeXJYzmvuHMNy9yIfWTRVfe9Xjs1VkSSUDJqc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c73ae3eda72c7eef8b13c75031180df1d81626dec2a68a846094d697fec3546

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/sites/default/files/css/css_qQbv3sSeXJYzmvuHMNy9yIfWTRVfe9Xjs1VkSSUDJqc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Jun 2023 21:18:35 GMT
server: cloudflare
age: 3799
etag: W/"1fb9-5ff0ee4b140c0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7ddffb5bfcd30414-FRA

GET
DATA 200
OK truncated
/ 200 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fbdec47eb761902c4f7d14ccd5a3b97bbaca6a18d485482157fff7f97684d3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 743 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cc76e7f5b027b2566d97e2701af7b605a376c4a0487302d2634bbceb67eb349

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 538 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4471ccb98d7627f19e1fd997e5562b4be936baf86b6597eb63330c6843fc59c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 019696b175f8558a9f629b596b30b4715bf1219fbee3e3588dbacfb1582df84c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 328 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e944de09b6e048d89b1dff57baf718b2ac1dc0d273e55560decb4c82cc828c8f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 325 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52142e0671ba7294da28434e2a92636b8848c1fe284fe09543c4e8f7e4716d11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 116448ff3191f74560d6d91c76cebc18ec741564aa62d5c6f8bdf8f611e8a2b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 218b91569ad8f0a5cf1aba89f3957966ecffb7b5852ca25b709bd8f887a00c90

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 521 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7176a2935514018f4c12a99dccc108407f9f4bdd7c1be1a097cbec7a90fb7542

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 518 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aa2fdddfcb25552a1713673a954bc864de1a7b22dc0ebe664fe8ddb6bcb21ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 392 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 420a436e0e9e1c48a2f9ce50b59fdb2b805d0274cc20fa569fd1726c4dbf90e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 389 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b73c2239b5b0ae6e051cb135734dc2101aeaf9032dd6b2c29ce9679330fc0bd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 583 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b81f50d6d819dd6d6aaf0cb6402329f0479c734ad2f0918eb9f8366b66f78c83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 580 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a79623b8606d1583bada494ecdaac61b10440ba7a0da23185892f9d86f172dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 535 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24049fb41335d87d82a9faea10cf9aa2a0ef868037667b029d2953a940cdf67b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 532 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b410913850321efd333e39ddf1a5d49a433b29721126ec6d785f8f039e98bc32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 329746577f94a4f1785e.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 123 KB
49 KB 47ms
45ms Font
font/otf 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.marchofdimes.org/themes/gesso/dist/fonts/329746577f94a4f1785e.otf
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_qQbv3sSeXJYzmvuHMNy9yIfWTRVfe9Xjs1VkSSUDJqc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e758310065d56c81731fadefacd48f77fe962456070bcd42b4fab78e044a69d

Request headers

Referer: https://www.marchofdimes.org/sites/default/files/css/css_qQbv3sSeXJYzmvuHMNy9yIfWTRVfe9Xjs1VkSSUDJqc.css
Origin: https://www.marchofdimes.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Jun 2023 21:21:19 GMT
server: cloudflare
age: 4064
etag: W/"1eb4c-5ff0eee77b1c0"
vary: Accept-Encoding
content-type: font/otf
cache-control: max-age=14400
cf-ray: 7ddffb5c1cef0414-FRA

GET
H2 200 7ef1e78abcb43e957eec.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 130 KB
54 KB 47ms
45ms Font
font/otf 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.marchofdimes.org/themes/gesso/dist/fonts/7ef1e78abcb43e957eec.otf
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_qQbv3sSeXJYzmvuHMNy9yIfWTRVfe9Xjs1VkSSUDJqc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d663da5e7f6fe773fda5fe642d04a71cd988f1132b343edb5be914d44a1f534

Request headers

Referer: https://www.marchofdimes.org/sites/default/files/css/css_qQbv3sSeXJYzmvuHMNy9yIfWTRVfe9Xjs1VkSSUDJqc.css
Origin: https://www.marchofdimes.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Jun 2023 21:21:19 GMT
server: cloudflare
age: 4064
etag: W/"206b0-5ff0eee77b1c0"
vary: Accept-Encoding
content-type: font/otf
cache-control: max-age=14400
cf-ray: 7ddffb5c1cf10414-FRA

GET
H2 200 09a9e3080c1a5236f325.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 131 KB
56 KB 41ms
40ms Font
font/otf 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.marchofdimes.org/themes/gesso/dist/fonts/09a9e3080c1a5236f325.otf
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_qQbv3sSeXJYzmvuHMNy9yIfWTRVfe9Xjs1VkSSUDJqc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1802297dea21b3e6a860ccb64dac092312598f1743b8b6b9dd6c30adb4bfe45

Request headers

Referer: https://www.marchofdimes.org/sites/default/files/css/css_qQbv3sSeXJYzmvuHMNy9yIfWTRVfe9Xjs1VkSSUDJqc.css
Origin: https://www.marchofdimes.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Jun 2023 21:21:19 GMT
server: cloudflare
age: 4064
etag: W/"20b6c-5ff0eee77b1c0"
vary: Accept-Encoding
content-type: font/otf
cache-control: max-age=14400
cf-ray: 7ddffb5c1cf20414-FRA

GET
H2 200 f58d53eb72d7239d4ca8.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 129 KB
54 KB 58ms
57ms Font
font/otf 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.marchofdimes.org/themes/gesso/dist/fonts/f58d53eb72d7239d4ca8.otf
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_qQbv3sSeXJYzmvuHMNy9yIfWTRVfe9Xjs1VkSSUDJqc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebd6d32400095fb406e63e748a6a8451eb6cdefc0f57d5f3217de10fdc57b416

Request headers

Referer: https://www.marchofdimes.org/sites/default/files/css/css_qQbv3sSeXJYzmvuHMNy9yIfWTRVfe9Xjs1VkSSUDJqc.css
Origin: https://www.marchofdimes.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Jun 2023 21:21:19 GMT
server: cloudflare
age: 4064
etag: W/"20448-5ff0eee77b1c0"
vary: Accept-Encoding
content-type: font/otf
cache-control: max-age=14400
cf-ray: 7ddffb5c1cff0414-FRA

GET
H2 200 e78d3d4f87bc060c0a1a.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 131 KB
55 KB 57ms
56ms Font
font/otf 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.marchofdimes.org/themes/gesso/dist/fonts/e78d3d4f87bc060c0a1a.otf
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_qQbv3sSeXJYzmvuHMNy9yIfWTRVfe9Xjs1VkSSUDJqc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75c911d121bdba9548b91e8a057bfae7edbebe988a7423821fc7d4c090c64b92

Request headers

Referer: https://www.marchofdimes.org/sites/default/files/css/css_qQbv3sSeXJYzmvuHMNy9yIfWTRVfe9Xjs1VkSSUDJqc.css
Origin: https://www.marchofdimes.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Jun 2023 21:21:19 GMT
server: cloudflare
age: 4064
etag: W/"20a90-5ff0eee77b1c0"
vary: Accept-Encoding
content-type: font/otf
cache-control: max-age=14400
cf-ray: 7ddffb5c1d000414-FRA

GET
H2 200 ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c.json Show response
cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/ 3 KB
2 KB 75ms
32ms XHR
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f312af48d9dcc5d90470fab6410aabb3b5dcb4c8aaf6e5bc4cdef61f614b9dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: cfxJGfZoqchvCQVD1/fksw==
age: 35749
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1802
x-ms-lease-status: unlocked
last-modified: Wed, 04 Mar 2020 14:33:04 GMT
server: cloudflare
etag: 0x8D7C048F3180C98
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c27ff3df-c01e-0144-57e1-5a42df000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7ddffb5d2db0923b-FRA
expires: Wed, 28 Jun 2023 19:09:00 GMT

GET
H2 200 / Show response
give.marchofdimes.org/ Frame F23A 4 KB
2 KB 399ms
398ms Document
text/html 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/form.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a0c564a67ef9dc6ca28115db91817440d33c76f21970cb1f00c40c328b4b6e94

Request headers

Referer: https://www.marchofdimes.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7ddffb5cee050414-FRA
content-encoding: br
content-type: text/html
date: Tue, 27 Jun 2023 19:09:00 GMT
last-modified: Mon, 12 Jun 2023 19:44:26 GMT
permissions-policy: interest-cohort=()
server: cloudflare
x-powered-by: ASP.NET

GET
H2 200 client.min.js Show response
js.braintreegateway.com/web/3.90.0/js/ 42 KB
13 KB 105ms
19ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.90.0/js/client.min.js

Requested by

Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/form.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a6d5535eebc025b0ec950d3c1afbf12f0de0f37cdfd7b871caa667b5f62f0f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 4f3da27b82879
dc: ccg11-origin-www-1.paypal.com
content-length: 12403
x-served-by: cache-sjc1000124-SJC, cache-fra-etou8220088-FRA
last-modified: Tue, 21 Feb 2023 15:53:04 GMT
traceparent: 00-00000000000000000004f3da27b82879-9c6a369ff1fe693a-01
x-timer: S1687892940.387087,VS0,VE0
etag: W/"63f4e8e0-a921"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 256, 5

GET
H2 200 apple-pay.min.js Show response
js.braintreegateway.com/web/3.90.0/js/ 22 KB
6 KB 111ms
25ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.90.0/js/apple-pay.min.js

Requested by

Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/form.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0cc1033bf8560f3163075c711d0ae90b5d01918c85bbd5a7f79badfd82a4cda7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: f09f7f1d7100e
dc: ccg11-origin-www-1.paypal.com
content-length: 6264
x-served-by: cache-sjc1000140-SJC, cache-fra-etou8220088-FRA
last-modified: Tue, 21 Feb 2023 15:53:04 GMT
traceparent: 00-0000000000000000000f09f7f1d7100e-375d3785921b32b8-01
x-timer: S1687892940.387402,VS0,VE4
etag: W/"63f4e8e0-5616"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 821, 1

GET
H2 200 venmo.min.js Show response
js.braintreegateway.com/web/3.90.0/js/ 81 KB
21 KB 106ms
21ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.90.0/js/venmo.min.js

Requested by

Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/form.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

71a43dc553fa4925b60196b2fda0cada19776eebb337e8575ca375ca982b3aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 1767641df8f81
dc: ccg11-origin-www-1.paypal.com
content-length: 20815
x-served-by: cache-sjc10060-SJC, cache-fra-etou8220088-FRA
last-modified: Tue, 21 Feb 2023 15:53:04 GMT
traceparent: 00-00000000000000000001767641df8f81-9e5c54df523a8fa5-01
x-timer: S1687892940.387419,VS0,VE0
etag: W/"63f4e8e0-1452c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 498, 4

GET
H2 200 applepay.js Show response
give.marchofdimes.org/js/ 4 KB
2 KB 129ms
129ms Script
application/javascript 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/js/applepay.js?rnd=230210
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/form.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b5bc7ed953506310e11e30be374ff8c3f4f4e57d4cf5a9265ee213156d70439f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 12 Jun 2023 19:44:26 GMT
server: cloudflare
cf-polished: origSize=7984
etag: W/"aae7d64b669dd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7ddffb5cee080414-FRA

GET
H2 200 venmo.js Show response
give.marchofdimes.org/js/ 2 KB
956 B 130ms
129ms Script
application/javascript 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/js/venmo.js?rnd=230210
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/form.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c5a7657aa4539fa09d984d84433d76b6ba1cc9235af3ab52b421ffa886244388

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 12 Jun 2023 19:44:26 GMT
server: cloudflare
cf-polished: origSize=5167
etag: W/"cb35d74b669dd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7ddffb5cee090414-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 304 KB
97 KB 81ms
29ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Requested by

Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/google_tag.script.js?rwx7pw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

005097a39215fa44239fbe7b24acae9d697d5a45d75e5fe4b06158ab2a96812b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99112
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jun 2023 19:09:00 GMT

GET
H2 200 sprite.artifact.svg
www.marchofdimes.org/themes/gesso/dist/images/ 6 KB
2 KB 30ms
30ms Other
image/svg+xml 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.marchofdimes.org/themes/gesso/dist/images/sprite.artifact.svg
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/js/js_wW_dXnGRu-6sPtAvcvQan7Ff0GOXafTPZxGeDf8UFy8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Jun 2023 21:21:19 GMT
server: cloudflare
age: 4064
etag: W/"19d4-5ff0eee77b1c0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7ddffb5d2e850414-FRA

GET
H2 200 reminder.css
give.marchofdimes.org/css/ 2 KB
699 B 30ms
30ms Stylesheet
text/css 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/css/reminder.css?5435
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/reminder.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a2925ebc9df04ccd6394511af90bc09bf370d19e6797a2434459574d89a6797e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 12 Jun 2023 19:44:26 GMT
server: cloudflare
age: 7043
cf-polished: origSize=3711
etag: W/"9f0d24b669dd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: text/css
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7ddffb5d2e880414-FRA

POST
H2 204 rum Show response
www.marchofdimes.org/cdn-cgi/ 0
209 B 23ms
23ms XHR
text/plain 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marchofdimes.org/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.marchofdimes.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7ddffb5d3ea70414-FRA

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/5.13.0/ 389 KB
94 KB 32ms
32ms Script
application/javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/5.13.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

759cbd9881e14214af52dfb585ccf70ea59037598b67cc9cf6df7d3fea7abfd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: av5EYi/+VJcKyIBzruXtUw==
age: 42956
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 95775
x-ms-lease-status: unlocked
last-modified: Tue, 25 Feb 2020 19:24:49 GMT
server: cloudflare
etag: 0x8D7BA2861DF0E68
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 92428193-e01e-0013-1de1-5aed07000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7ddffb5d5d7c9255-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/03dae8d3-1490-4973-98ef-e49e49eac3e6/ 59 KB
11 KB 33ms
33ms Fetch
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/03dae8d3-1490-4973-98ef-e49e49eac3e6/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/5.13.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21f7167ab74ead6a6e3489d9b9fba5d85d81ccab4acc32c6903f46be4e0595df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Mm7MKhwPDTwiFeSK2bbVLw==
age: 14578
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11098
x-ms-lease-status: unlocked
last-modified: Wed, 04 Mar 2020 14:33:05 GMT
server: cloudflare
etag: 0x8D7C048F393E3C4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5d4c8b2e-b01e-0162-7ce1-5ad96b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7ddffb5dce3e923b-FRA
expires: Wed, 28 Jun 2023 19:09:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 96ms
25ms Script
application/x-javascript 108.138.40.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.40.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-40-116.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 02:20:08 GMT
Content-Encoding: gzip
Via: 1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
Age: 60535
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: yOWu1ZZPZMEKYwZ5B83EJfKifs0EexKlum25xgnNV8ArJq5sq-IwZQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 126 KB
49 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8832015

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

222f8d607f65910837fbcc42a3e993b770affdcba363b250608f5f269b7fcc05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49816
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jun 2023 19:09:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 18:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2018
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 27 Jun 2023 20:35:22 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1335104/ 58 KB
18 KB 87ms
22ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a96fb9133af4fc11be09fdd728b581747d02dc4f0ad430ef1b8eb1e01645d9ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: VBoy5Qimu7OBozarJjazxddLfBzdNYtK
content-encoding: gzip
via: 1.1 varnish
date: Tue, 27 Jun 2023 19:09:00 GMT
x-amz-request-id: HJKJKXYJP9CT3MF8
age: 75
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18351
x-amz-id-2: 6Q24CbTwgANBpNPELdUZyiMWY9xK9d/iY4pVFRP2WtcN/aWKPVLdwZmIUJgQlMu54V0O9Jl+sZ4=
x-served-by: cache-fra-eddf8230118-FRA
last-modified: Sun, 25 Jun 2023 11:17:08 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687892941.560295,VS0,VE2
etag: "d8c8ee1b26d4032e6416727c688f93d0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 68
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
772 B 114ms
32ms Script
application/x-javascript 2a02:26f0:780::210:a40a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Jun 2023 17:35:57 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=72316
accept-ranges: bytes
content-length: 560

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 107ms
43ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 27 Jun 2023 19:09:00 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9B08A9B155A04637ACA1E639B89B6393 Ref B: FRA31EDGE0708 Ref C: 2023-06-27T19:09:00Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2

200

activityi;dc_pre=CJKPkpmT5P8CFYmrsgoddjkNpA;src=8832015;type=rt;cat=donforms;ord=7617268166791;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%... Show response
8832015.fls.doubleclick.net/ Frame C209
Redirect Chain

https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=7617268166791;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3...
https://8832015.fls.doubleclick.net/activityi;dc_pre=CJKPkpmT5P8CFYmrsgoddjkNpA;src=8832015;type=rt;cat=donforms;ord=7617268166791;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uam...

3 KB
2 KB

70ms
69ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8832015.fls.doubleclick.net/activityi;dc_pre=CJKPkpmT5P8CFYmrsgoddjkNpA;src=8832015;type=rt;cat=donforms;ord=7617268166791;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

bb2f6953bfef4bf57c6c9d2a0072cc24119035aff358fea199016b820d6277f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.marchofdimes.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1388
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 19:09:00 GMT
expires: Tue, 27 Jun 2023 19:09:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 19:09:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8832015.fls.doubleclick.net/activityi;dc_pre=CJKPkpmT5P8CFYmrsgoddjkNpA;src=8832015;type=rt;cat=donforms;ord=7617268166791;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 79ms
23ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 04 Jul 2023 19:09:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 170 KB
47 KB 63ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Jun 2023 19:09:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46730
x-xss-protection: 0
pragma: public
x-fb-debug: 8hyxq45dvrE4ZrBON8I6K3SxzpoS18qYmM6jGigGIu2+zDU29UarNn9Cm54G8p7qinLMddNbofYZoAkbMYj4Vg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 B21591273.227039140;sz=1x2;ord=124471048499 Show response
ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/ 37 KB
14 KB 116ms
52ms Script
text/javascript 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=124471048499?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

8f7e48b6a5d055df25a50eb84512d62923b17ed749e3aed5b4f8ed696e872a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14180
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 121 KB
47 KB 84ms
30ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-W2ZD7L3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f32ce6ea4194bc7819267f4c17658ce465a5aeba7c4b9a4a188155045ab34e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48126
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jun 2023 19:09:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 209ms
124ms Script
application/javascript 23.38.98.111
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHD93M3C77U7KUN3M5L0&lib=ttq
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.111 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-111.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0d375a8163b7d3e9425aed94e2f407f4650c2cde7737cbabe02a0be0d4782835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id: d2474f2.133e7710
date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-175.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 100,23.38.99.175
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=9, inner; dur=3
content-length: 1574
pragma: no-cache
server: nginx
x-tt-logid: 202306271909007FC70E4F1A82C91222C9
x-cache-remote: TCP_MISS from a23-222-16-52.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.222.16.52
x-tt-trace-host: 010df6296fdbb6dbd3dbc52f3fcb2de0d72994ed1e763303437c132a2235f3f4436ff15a0410fb724cc895b948ce30589b581803a2ee077793618116620a2b46031a7e59b7b3bd292e87091ee77fd82bbd5e97a738a7af45cc3674c843275df5e581349455fb08282f25e6e4a34770fdd1
expires: Tue, 27 Jun 2023 19:09:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
82 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

353484e3a51f2cf2d22c7070946173bc5c3d029d43a684871f31d0805e5cffaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84293
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Jun 2023 19:09:00 GMT

GET
H2

200

B21581475.265419780;dc_pre=CPKhkZmT5P8CFVbyEQgdr-AHGA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CPKhkZmT5P8CFVbyEQgdr-AHGA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;ta...

42 B
346 B

51ms
49ms

Image
image/gif

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CPKhkZmT5P8CFVbyEQgdr-AHGA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Protocol

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CPKhkZmT5P8CFVbyEQgdr-AHGA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/5.13.0/assets/ 15 KB
3 KB 36ms
36ms Fetch
application/json 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/5.13.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/5.13.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f52e4e999a441c151183d77efd6dad3915e650409ea65b94b7e0fc067dcd0abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: idLIfkDq/eva4EuRGVQzZQ==
age: 39437
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2839
x-ms-lease-status: unlocked
last-modified: Tue, 25 Feb 2020 19:24:47 GMT
server: cloudflare
etag: 0x8D7BA28607C070E
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 51dfd913-101e-000d-15e1-5a37ea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7ddffb5e3e98923b-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/5.13.0/assets/ 84 KB
17 KB 35ms
35ms Fetch
application/json 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/5.13.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/5.13.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bd6c30a523ce8b33d96dc79b1d759b5d5634740ae76aa6557e2d3741082e067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Bbq+cqhXBxu2QqVrgDpPqg==
age: 35749
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 17012
x-ms-lease-status: unlocked
last-modified: Tue, 25 Feb 2020 19:24:47 GMT
server: cloudflare
etag: 0x8D7BA28609F260F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b839e33e-a01e-00be-17e1-5acd6d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7ddffb5e4e99923b-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 75ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je36q0&_p=1872057892&cid=1519028990.1687892941&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687892940&sct=1&seg=0&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&dt=Support%20Email%20%7C%20March%20of%20Dimes&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.marchofdimes.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
212 B 27ms
26ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1872057892&t=pageview&_s=1&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&ul=en-us&de=UTF-8&dt=Support%20Email%20%7C%20March%20of%20Dimes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=641764465&gjid=571503594&cid=1519028990.1687892941&tid=UA-219864-60&_gid=1929714967.1687892941&_r=1&_slc=1&gtm=45He36q0n81WNJ3K3P&z=721631706

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.marchofdimes.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1621384747882069 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 78ms
77ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1621384747882069?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e39929df145bda156a8abe9a54286626f6b480e34c52760559ce3fd8a051bde

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Jun 2023 19:09:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Lxn5kpfwgvCDpG5j93vZBRwGzXwX1CJ6ZkAQJgXcM0wA9F3ZZqLhFDz9SFMa4GClVSEVFF7vQvq3UQ+YHEvmwg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
70 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-794610601&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb9e92c450f398a4cf0f53ec551dd8a8c76007d5cb3cf79b87be7c18e8fdc95a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71301
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jun 2023 19:09:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 140 KB
54 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1071894384&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aabf437350f8ed211a46160abbbebd2367fcaacabd952f786c89c31e2a08a3fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54971
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jun 2023 19:09:00 GMT

GET
H2 200 rules-p-4LjrHyeV3QUW4.js Show response
rules.quantcount.com/ 160 B
641 B 104ms
35ms Script
application/javascript 2600:9000:219c:4800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-4LjrHyeV3QUW4.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:4800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2aa9b0ccf31fe34e187c3b09bec7e9d8fccdeb48a5b2223d9f80df2a8790a6af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:37:01 GMT
via: 1.1 af0a4579a75789980eb9374096ea1816.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 2390
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 23:45:31 GMT
server: AmazonS3
etag: "52b67ed0d6de08757c0affd0509ae576"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: Xcw2zGpV6cTSWnq1OB79xGyikBnxpqaIx13lHKpUcHC4CWprUhV6lg==

GET
H2 200 json Show response
trc.taboola.com/1335104/trc/3/ 2 KB
2 KB 50ms
34ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1335104/trc/3/json?tim=1687892940697&data=%7B%22id%22%3A496%2C%22ii%22%3A%22%2Fsupport-email%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1687892940675%2C%22cv%22%3A%2220230625-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtruenorth-marchofdimes-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1687892940696%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%22%2C%22tos%22%3A17%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b49e07c2de7c7bb53245e7747ab7cf2080de11d39f4cda1fb461c1dd66ec9bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 15
date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7690
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230118-FRA
server: nginx
x-timer: S1687892941.720781,VS0,VE15
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 35ms
35ms Script
application/x-javascript 2a02:26f0:780::210:a40a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Jun 2023 22:23:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=17098
accept-ranges: bytes
content-length: 4807

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ 11 KB
4 KB 85ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=124471048499?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 19:19:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 19:19:34 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
0 134ms
64ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstEvkm7dYufQygHkme5ejEYn-5yXnUmkPopVcAV9636PjRNKEkd3SxtYLWYhAnmOkxw5xjz8BWfI5477YKaqLTkJ0wyz3yPVI6pciAA0MJXU8ZlnJfAZQVNdhyDKqB4ESpBOF2t1-H0FWcQZ_zbqjjMIbCErw&sai=AMfl-YQGFGRneEV4KsQFPRgyfxIzoBjfF6gyWkw7MzeJyaFkDtqMQpbjczXjyI7PoXIYD0nnb-SgsmHeaKts9Zw&sig=Cg0ArKJSzAl6UbNX_bAIEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20230620.25295&arae=0&ftch=1&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=124471048499?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 27 Jun 2023 19:09:00 GMT

GET
H2 200 jquery-ui.css
give.marchofdimes.org/js/ Frame F23A 28 KB
7 KB 151ms
135ms Stylesheet
text/css 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/js/jquery-ui.css
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 25a26a31ffe8b00b9f7b84305ebb06c50376ad33265161f71ccf908604988a92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 12 Jun 2023 19:44:26 GMT
server: cloudflare
cf-polished: origSize=29588
etag: W/"b1ed74b669dd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: text/css
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7ddffb5fa9d20414-FRA

GET
H2 200 ddplugin.css
doublethedonation.com/api/css/ Frame F23A 154 KB
21 KB 460ms
208ms Stylesheet
text/css 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/css/ddplugin.css
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: fd3eec8037d2a554fa5cea4e654e265e908623e3ede0621cfb89f3aea6611386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
last-modified: Mon, 26 Jun 2023 01:51:01 GMT
server: nginx
etag: "6498ef05-5302"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=3600;
content-length: 21250

GET
H2 200 app.fafe47f5.css
give.marchofdimes.org/css/ Frame F23A 238 KB
36 KB 165ms
149ms Stylesheet
text/css 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/css/app.fafe47f5.css
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6e00a2fbb9401ab03fa534d50a63f519be2c18e388874dc80a4e0ac7a233bad0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 12 Jun 2023 19:44:26 GMT
server: cloudflare
etag: W/"f1c8d24b669dd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7ddffb5fa9d50414-FRA

GET
H2 200 app.fdf0752d.js Show response
give.marchofdimes.org/js/ Frame F23A 344 KB
57 KB 163ms
147ms Script
application/javascript 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/js/app.fdf0752d.js
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bf45fd3c4708816fbbac1013a5eeae85fb6d6bdb95324886fac2ef5e2c220678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 12 Jun 2023 19:44:26 GMT
server: cloudflare
cf-polished: origSize=352130
etag: W/"f1c8d24b669dd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7ddffb5fa9d60414-FRA

GET
H2 200 chunk-vendors.e4bafff4.js Show response
give.marchofdimes.org/js/ Frame F23A 834 KB
209 KB 181ms
172ms Script
application/javascript 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/js/chunk-vendors.e4bafff4.js
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6da677b1bb2132071aca775218b2b5c6e866265548c07212bbab1f1a0931fc77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 12 Jun 2023 19:44:26 GMT
server: cloudflare
cf-polished: origSize=853753
etag: W/"9f0d24b669dd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7ddffb5fa9d70414-FRA

GET
H2 200 rocket-loader.min.js Show response
give.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame F23A 12 KB
4 KB 26ms
25ms Script
application/javascript 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Jun 2023 09:29:09 GMT
server: cloudflare
etag: W/"64941465-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7ddffb5fb9e00414-FRA
expires: Thu, 29 Jun 2023 19:09:00 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame F23A 19 KB
7 KB 67ms
67ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://give.marchofdimes.org/
Origin: https://give.marchofdimes.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7ddffb5fbfa49963-FRA

GET
H/1.1 204
No Content p
e.acuityplatform.com/ Frame C209 0
187 B 226ms
34ms Image
text/plain 154.59.122.94
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.acuityplatform.com/p?pk=9020304230610356278&pg=26254
Requested by: Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CJKPkpmT5P8CFYmrsgoddjkNpA;src=8832015;type=rt;cat=donforms;ord=7617268166791;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.59.122.94 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H2 204 Pixels
px.adentifi.com/ Frame C209 0
35 B 360ms
110ms Image
text/plain 44.199.66.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adentifi.com/Pixels?a_id=3405;uq=973759745;
Requested by: Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CJKPkpmT5P8CFYmrsgoddjkNpA;src=8832015;type=rt;cat=donforms;ord=7617268166791;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.199.66.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-199-66-14.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ Frame C209 45 KB
15 KB 136ms
65ms Script
application/javascript 2a02:2638:d::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=81237

Requested by

Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CJKPkpmT5P8CFYmrsgoddjkNpA;src=8832015;type=rt;cat=donforms;ord=7617268166791;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9129237c4d569470449da6fde1c668779629f8a4d327d975cce8ac3fc5539f6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 dc_pre=CJKPkpmT5P8CFYmrsgoddjkNpA;src=8832015;type=rt;cat=donforms;ord=7617268166791;gtm=45He36q0;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fs...
adservice.google.com/ddm/fls/z/ Frame C209 42 B
401 B 117ms
66ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJKPkpmT5P8CFYmrsgoddjkNpA;src=8832015;type=rt;cat=donforms;ord=7617268166791;gtm=45He36q0;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 25017097.js Show response
bat.bing.com/p/action/ 0
119 B 132ms
129ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25017097.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 27 Jun 2023 19:09:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 61941B540EBA4898B88A65D3E5A73ABE Ref B: FRA31EDGE0708 Ref C: 2023-06-27T19:09:00Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 47ms
46ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25017097&tm=gtm002&Ver=2&mid=3ecf02ec-02ec-4bb4-8bd0-ac25585d4bb4&sid=13057570151e11ee84fb6b39c805288c&vid=1305bd40151e11eeb15edb80f7d71b78&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Support%20Email%20%7C%20March%20of%20Dimes&p=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&r=&lt=1500&evt=pageLoad&sv=1&rn=813331

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Jun 2023 19:09:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AFFBC50F76A347EDA7ADF20709782683 Ref B: FRA31EDGE0708 Ref C: 2023-06-27T19:09:00Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 8F06 0
182 B 164ms
51ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=2n62y3m&ref=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&upid=b8lvzxo&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.marchofdimes.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Tue, 27 Jun 2023 19:09:00 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 bat.js Show response
bat.bing.com/ Frame C209 40 KB
12 KB 49ms
48ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 27 Jun 2023 19:09:00 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 96C58045FEFB48B5958DA7233F5504C7 Ref B: FRA31EDGE0708 Ref C: 2023-06-27T19:09:00Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame C209 22 KB
9 KB 25ms
25ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CJKPkpmT5P8CFYmrsgoddjkNpA;src=8832015;type=rt;cat=donforms;ord=7617268166791;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 04 Jul 2023 19:09:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame C209 170 KB
46 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Jun 2023 19:09:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46730
x-xss-protection: 0
pragma: public
x-fb-debug: a4VaciTlbX1n7dbE2VYIg6/0PmMmfAjj6ySoY4V7pwmoT8YOESxG2blh0IIeZ5cFIpubF6SPrSaB3ou1UWMCaw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/794610601/ 3 KB
1 KB 100ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/794610601/?random=1687892940770&cv=11&fst=1687892940770&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&hn=www.googleadservices.com&frm=0&tiba=Support%20Email%20%7C%20March%20of%20Dimes&auid=514555590.1687892940&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-794610601&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

681400e2ba68a73327a805f12f47e7fa483cc1df3612679a71c0fec0e8783e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1432
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTcyYWM1ZjQwMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 314 KB
83 KB 26ms
26ms Script
application/javascript 23.38.98.111
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYWM1ZjQwMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHD93M3C77U7KUN3M5L0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.111 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-111.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 852a7107c708f06318f8fe62b3ad715d9c1565aaa9158b1e36c62502c424ea7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id: 133e77de
date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230627123229AD25BEDE653C982F9BBC
vary: Accept-Encoding
x-cache: TCP_HIT from a23-38-99-175.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017abc044aaab1b78e09b46d8a35fb60c92403fec72a0766c1de5de9c20742ca3f510ae090d335f8e90afc96c7525ddb88ec0c6c8e6d2f6ba53c2f4b2a2a20b3e572efcf3b5202af52781d28c119fdf453cb2025c5a1c7a0cb97c2128e1671cb1e
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length: 84259

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3446297/domain/marchofdimes.org/ 36 B
375 B 102ms
35ms XHR
application/json 2600:9000:2171:4200:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3446297/domain/marchofdimes.org/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2171:4200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:56:26 GMT
content-encoding: gzip
via: 1.1 544c0277595a14fa38c11c01dc0e79e4.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
age: 754
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: MhYeuDXLxuaifZ97n0C3X07Vt0Fb5lNzzsO-JyGK_JeD40AyXdrkbA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1687892940791&url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodem...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1687892940791&url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodem...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3446297%26time%3D1687892940791%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1687892940791&url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodem...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1687892940791&url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmode...

0
264 B

253ms
191ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1687892940791&url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&cookiesTest=true&liSync=true&e_ipv6=AQK-RrTh1WAGRwAAAYj-QlqYBJ1jrhZFVrQdCrNKQQotMTX0imbxw7Wg7Bk_rmqAhJmXVCQk5B1ePA
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A78E92AB69D8429C829019B9F7862F13 Ref B: FRAEDGE1312 Ref C: 2023-06-27T19:09:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/ITM1RQMNTSjXJo76pw==

Redirect headers

date: Tue, 27 Jun 2023 19:09:01 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: E27697C0A29247E68CF31C19BC46A2A0 Ref B: FRAEDGE1909 Ref C: 2023-06-27T19:09:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1687892940791&url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&cookiesTest=true&liSync=true&e_ipv6=AQK-RrTh1WAGRwAAAYj-QlqYBJ1jrhZFVrQdCrNKQQotMTX0imbxw7Wg7Bk_rmqAhJmXVCQk5B1ePA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/ITMx2xesfbNpv1PUYw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071894384/ 3 KB
2 KB 65ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071894384/?random=1687892940803&cv=11&fst=1687892940803&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&hn=www.googleadservices.com&frm=0&tiba=Support%20Email%20%7C%20March%20of%20Dimes&auid=514555590.1687892940&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1071894384&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2068180eec07868589bf9b3fddf8e0dd0b2eb00929ca984ed104d7510b57d6b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1436
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 68ms
20ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1621384747882069&ev=PageView&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&rl=&if=false&ts=1687892940839&sw=1600&sh=1200&v=2.9.109&r=stable&ec=0&o=30&fbp=fb.1.1687892940834.1140255831&cs_est=true&it=1687892940656&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 19:09:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 rules-p-uyn8UnTsRXguL.js Show response
rules.quantcount.com/ Frame C209 5 KB
2 KB 33ms
33ms Script
application/javascript 2600:9000:219c:4800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-uyn8UnTsRXguL.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:4800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:34:10 GMT
content-encoding: gzip
via: 1.1 af0a4579a75789980eb9374096ea1816.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 2091
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 15:08:42 GMT
server: AmazonS3
etag: W/"b4a376a3ece8af98e7567e60db986dc9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: b7EGJRVq9D7OM3qJdNVffD5HCt7a5suawFnHNKfrT4KV79U4MiVRyg==

GET
H2 200 pixel;r=1506700720;source=gtm;rf=0;a=p-4LjrHyeV3QUW4;url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%...
pixel.quantserve.com/ 35 B
371 B 24ms
23ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1506700720;source=gtm;rf=0;a=p-4LjrHyeV3QUW4;url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2;uht=2;fpan=1;fpa=P0-710149565-1687892940672;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=marchofdimes.org;dst=0;et=1687892940863;tzo=0;ogl=type.Page%2Ctitle.Support%20Email%2Cimage.https%3A%2F%2Fwww%252Emarchofdimes%252Eorg%2Fsites%2Fdefault%2Ffiles%2F2022-09%2Fdefault%252Epng;ses=5645cacc-2262-40fa-95fa-00999ce619f1;mdl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 812396462484872 Show response
connect.facebook.net/signals/config/ Frame C209 301 KB
86 KB 70ms
69ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/812396462484872?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a3e14dbca1847744f583c829dc976f72f0480584a612b6787d11653768c11550

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Jun 2023 19:09:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 5rm7qLko0KK3KlNJV/e/VMPTwrmqrtf+gMFumdPXGDh5TanWmJ9OuQsGm9pQ0xkjSMJ15CSdiDMv7mWy47z92A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 25042596.js Show response
bat.bing.com/p/action/ Frame C209 0
118 B 180ms
180ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25042596.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 27 Jun 2023 19:09:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6AAFDF0130C04CC8A6C0BAA543475D46 Ref B: FRA31EDGE0708 Ref C: 2023-06-27T19:09:00Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame C209 0
122 B 55ms
52ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25042596&Ver=2&mid=359ec300-25ef-46fa-886b-d87bdc5e47bb&sid=1319c020151e11eebfc9e5ea3564c5bd&vid=1319cf70151e11ee892e5783b93bd5f4&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.marchofdimes.org%2F&r=&lt=260&evt=pageLoad&ifm=1&sv=1&rn=561094

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Jun 2023 19:09:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3DC55434B26849E7ABC5C3096EFC3A0A Ref B: FRA31EDGE0708 Ref C: 2023-06-27T19:09:00Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_70a9a.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 25ms
24ms Script
application/javascript 23.38.98.111
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_70a9a.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYWM1ZjQwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.111 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-111.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id: 133e784c
date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202306271232307B3396127E192AEF09B6
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-38-99-175.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017abc044aaab1b78e09b46d8a35fb60c92403fec72a0766c1de5de9c20742ca3f52c9ec76ede260e03f600cd0f675ab3603e85fb119f79d95d41cfab992bb4abf29fb6e330523c6c9bf576d0ca4c4d7fca7604ae4258d72a3e45bb2a63ae0d5c3
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=9
content-length: 30837

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 293ms
293ms Ping
text/plain 23.38.98.111
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYWM1ZjQwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.111 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-111.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 53aa73ef.133e7874
date: Tue, 27 Jun 2023 19:09:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-175.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 264,23.38.99.175
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=175, inner; dur=169
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202306271909003655A5128098F8F6E5E6
x-cache-remote: TCP_MISS from a23-222-16-20.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 175,23.222.16.20
x-tt-trace-host: 010df6296fdbb6dbd3dbc52f3fcb2de0d72994ed1e763303437c132a2235f3f4432f427251c69d98a3ec4b937b74c10c5afd68a315d02b17f4990d7bf1b844e7fa3ec43475662031af8a4074ce51da634b116f051c8d2b866fd686a25f516df675798bb2891a5efe906ae863ec0aaa3591
expires: Tue, 27 Jun 2023 19:09:01 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
695 B 508ms
508ms Ping
text/plain 23.38.98.111
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYWM1ZjQwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.111 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-111.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 9ffae31c.133e7875
date: Tue, 27 Jun 2023 19:09:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-175.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 472,23.38.99.175
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=384, inner; dur=380
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202306271909002A898BCC6222B052FD11
x-cache-remote: TCP_MISS from a23-220-104-204.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 384,23.220.104.204
x-tt-trace-host: 010df6296fdbb6dbd3dbc52f3fcb2de0d72994ed1e763303437c132a2235f3f4436055a02d9fec9813b4bca20bd541e330e80019ddf978035690e276997a7437f8cf0ae64d34ea3e59210843ab382e5736030aaef991064b9457deaf4db6de2eeeb9470250e4c2a0e09404a66a9f38cb8e
expires: Tue, 27 Jun 2023 19:09:01 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/ Frame F23A 20 KB
5 KB 71ms
27ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css

Requested by

Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/css/app.fafe47f5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723, 617
age: 5401210
cdn-cachedat: 2021-07-24 09:40:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 2b50aaedc481ac5a56e54a88a5b8c43a
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7ddffb611b3c1909-FRA
cdn-requestpullsuccess: True

GET
H2 200 /
www.google.com/pagead/1p-user-list/1071894384/ 42 B
108 B 84ms
32ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071894384/?random=1687892940803&cv=11&fst=1687892400000&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&frm=0&tiba=Support%20Email%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1879260224&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1071894384/ 42 B
455 B 83ms
31ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1071894384/?random=1687892940803&cv=11&fst=1687892400000&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&frm=0&tiba=Support%20Email%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1879260224&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/794610601/ 42 B
455 B 83ms
32ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/794610601/?random=1687892940770&cv=11&fst=1687892400000&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&frm=0&tiba=Support%20Email%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1886251341&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/794610601/ 42 B
108 B 83ms
32ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/794610601/?random=1687892940770&cv=11&fst=1687892400000&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&frm=0&tiba=Support%20Email%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1886251341&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=332754483;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJKPkpmT5P8CFYmrsgoddjkNpA%3Bsrc%3D8832015%3Btype%3Drt%...
pixel.quantserve.com/ Frame C209 35 B
210 B 24ms
24ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=332754483;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJKPkpmT5P8CFYmrsgoddjkNpA%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D7617268166791%3Bgtm%3D45He36q0%3Bauiddc%3D514555590.1687892940%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2%3F;ref=https%3A%2F%2Fwww.marchofdimes.org%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-285483731-1687892940860;pbc=;ns=1;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=8832015.fls.doubleclick.net;dst=0;et=1687892940977;tzo=0;ogl=;ses=f1a40216-1873-4fae-89a5-b36bfbada95a;mdl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 27 Jun 2023 19:09:00 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4295 15 KB
6 KB 105ms
36ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=81237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://8832015.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 19:09:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 301738
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 /
www.facebook.com/tr/ Frame C209 0
31 B 20ms
19ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=812396462484872&ev=PageView&dl=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJKPkpmT5P8CFYmrsgoddjkNpA%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D7617268166791%3Bgtm%3D45He36q0%3Bauiddc%3D514555590.1687892940%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2%3F&rl=https%3A%2F%2Fwww.marchofdimes.org%2F&if=true&ts=1687892940990&sw=1600&sh=1200&v=2.9.109&r=stable&ec=0&o=30&it=1687892940867&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 19:09:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4295
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=www.marchofdimes.org&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=7PaOTHx3VmxqOFR3TWFVNG9jQ0FYQmZIZldzMndja2owcDJzZW5yYVUzRm16bmsrTFBGZHRIQm1WcWcyNFNJV2dxZ0swQ1lPeVBnWlY0SGdWUTE3eFRQdEhOT1NnRU9MRGRvL3dqZnFJNStSYjNVYW4vWjRCaXRMQTdacS...

468 B
681 B

112ms
31ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=7PaOTHx3VmxqOFR3TWFVNG9jQ0FYQmZIZldzMndja2owcDJzZW5yYVUzRm16bmsrTFBGZHRIQm1WcWcyNFNJV2dxZ0swQ1lPeVBnWlY0SGdWUTE3eFRQdEhOT1NnRU9MRGRvL3dqZnFJNStSYjNVYW4vWjRCaXRMQTdacStMUkZ1UGxUaEFER3ZrN3N4OVRIcnp4Y2wyeExyZzI2YTZRYTVGeVY1azkrQUdCdUpxRHUrUklqdENUZW9lOEtESmFxbW9ZeDBqeGpPeEo4RUREK2Y2QUprd2FHRys0NFYzUkE0VmwwY2FMeHArRHlJczdHLzk4SmRwamFYODVOVFhjRmtlbUpBZkdtZ0pBSmR6cmpVOHBjRUtNV1U1ZkxkQ29GQmFsOXR3MnhVOU5hOWg3S21IUlp6S3BQN3lTSUJyZGxUVFdxQXw&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f615ddda9de04dfef67271f735520d8a7d74380cc62ea0bdd0a184fbd798c8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1045535
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=7PaOTHx3VmxqOFR3TWFVNG9jQ0FYQmZIZldzMndja2owcDJzZW5yYVUzRm16bmsrTFBGZHRIQm1WcWcyNFNJV2dxZ0swQ1lPeVBnWlY0SGdWUTE3eFRQdEhOT1NnRU9MRGRvL3dqZnFJNStSYjNVYW4vWjRCaXRMQTdacStMUkZ1UGxUaEFER3ZrN3N4OVRIcnp4Y2wyeExyZzI2YTZRYTVGeVY1azkrQUdCdUpxRHUrUklqdENUZW9lOEtESmFxbW9ZeDBqeGpPeEo4RUREK2Y2QUprd2FHRys0NFYzUkE0VmwwY2FMeHArRHlJczdHLzk4SmRwamFYODVOVFhjRmtlbUpBZkdtZ0pBSmR6cmpVOHBjRUtNV1U1ZkxkQ29GQmFsOXR3MnhVOU5hOWg3S21IUlp6S3BQN3lTSUJyZGxUVFdxQXw&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 287015
content-length: 0
expires: 0

GET
H2 200 amazon.js Show response
give.marchofdimes.org/js/ Frame F23A 6 KB
2 KB 133ms
131ms Script
application/javascript 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/js/amazon.js?rnd=20210831
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9c56f97c002513e5266bed356153984b1612bac56582f71f519180dac3c712d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 12 Jun 2023 19:44:26 GMT
server: cloudflare
cf-polished: origSize=11007
etag: W/"aae7d64b669dd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7ddffb628dd00414-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame F23A 121 KB
47 KB 35ms
33ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-219864-1

Requested by

Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a4dd6001dc8beb1bb3e0932080f9a89cea3b3f192e56109ee5d190c4700a223a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47972
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jun 2023 19:09:01 GMT

GET
H2 200 donation.doublemydonation.js Show response
give.marchofdimes.org/js/ Frame F23A 3 KB
1 KB 127ms
125ms Script
application/javascript 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/js/donation.doublemydonation.js
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f1535642f218c9e9f81c4ae8798a5a1b1ccd285b1dbb8013775b335d5a48d6da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 12 Jun 2023 19:44:26 GMT
server: cloudflare
cf-polished: origSize=5623
etag: W/"8f99d64b669dd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7ddffb628dd30414-FRA

GET
H2 200 ddplugin.js Show response
doublethedonation.com/api/js/ Frame F23A 433 KB
92 KB 107ms
105ms Script
text/javascript 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/js/ddplugin.js
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 273864e396444efd398ccb68526eb4ef857069268dba59d4c93d877622935e30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
last-modified: Mon, 26 Jun 2023 01:51:00 GMT
server: nginx
etag: "6498ef04-17081"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=3600;
content-length: 94337

GET
H2 200 jquery-ui.js Show response
give.marchofdimes.org/js/ Frame F23A 327 KB
80 KB 196ms
195ms Script
application/javascript 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/js/jquery-ui.js
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1ba5287a919753a8fdb18929f1e3e7f6ccc31154169d254872080d11a9b1c4ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 12 Jun 2023 19:44:26 GMT
server: cloudflare
cf-polished: origSize=539419
etag: W/"d85cd74b669dd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7ddffb628dd80414-FRA

GET
H2 200 jquery-3.6.0.min.js Show response
give.marchofdimes.org/js/ Frame F23A 87 KB
31 KB 175ms
173ms Script
application/javascript 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/js/jquery-3.6.0.min.js
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Jun 2023 19:44:26 GMT
server: cloudflare
etag: W/"cb35d74b669dd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7ddffb628dda0414-FRA

GET
H2 200 constants.js Show response
give.marchofdimes.org/ Frame F23A 599 B
495 B 125ms
124ms Script
application/javascript 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/constants.js?20210814
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2a551c6a84e41383c61251d498656509ca2609cf7e5d54a8ed4c8c6df97c3d00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 05 Aug 2021 14:19:11 GMT
server: cloudflare
cf-polished: origSize=732
etag: W/"c582b1dc48ad71:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7ddffb628ddc0414-FRA

GET
H2

200

event Show response
widget.us.criteo.com/ Frame C209
Redirect Chain

https://sslwidget.criteo.com/event?a=81237&v=5.16.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
https://widget.us.criteo.com/event?a=81237&v=5.16.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...

8 KB
4 KB

397ms
117ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=81237&v=5.16.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=qkA2_l8zJTJGaHlXT2hQY2VWcCUyRjRKSHl0TEFud1N3ekhiRWhrNThJNUtrQ0YlMkJsV2tsWVY1Wkxjb3N3TldjdXY4WkpyJTJGaUE4aGh6MzV6Q0J3RUxDV2xLZ0xrR2tpaXJDVk9Gc2NUcE9POUV2SHFuVXdkJTJCZnhpaE1ob01XcUVVRjNhM0FWYnhEQUZTY2ZuS0hFSGRLVGd0clYwWG1Qd04lMkJySmIlMkJsUEtFY1RJZGN4dm5NRSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=7ced9a36-52c1-4969-9d77-eef7e526e56a&dtycbr=63446

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3cff36c67fc608c179327a174466fe59d3e21d06e9ea77b3edb15a921d39fff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 13778513
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=81237&v=5.16.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=qkA2_l8zJTJGaHlXT2hQY2VWcCUyRjRKSHl0TEFud1N3ekhiRWhrNThJNUtrQ0YlMkJsV2tsWVY1Wkxjb3N3TldjdXY4WkpyJTJGaUE4aGh6MzV6Q0J3RUxDV2xLZ0xrR2tpaXJDVk9Gc2NUcE9POUV2SHFuVXdkJTJCZnhpaE1ob01XcUVVRjNhM0FWYnhEQUZTY2ZuS0hFSGRLVGd0clYwWG1Qd04lMkJySmIlMkJsUEtFY1RJZGN4dm5NRSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=7ced9a36-52c1-4969-9d77-eef7e526e56a&dtycbr=63446
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 9517297
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 20ms
19ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1621384747882069&ev=Microdata&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&rl=&if=false&ts=1687892941341&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Support%20Email%20%7C%20March%20of%20Dimes%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22Page%22%2C%22og%3Atitle%22%3A%22Support%20Email%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.marchofdimes.org%2Fsites%2Fdefault%2Ffiles%2F2022-09%2Fdefault.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.109&r=stable&ec=1&o=30&fbp=fb.1.1687892940834.1140255831&it=1687892940656&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 19:09:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame F23A 220 KB
71 KB 111ms
61ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDuRY-BMAtBAIm1P8HW5Ts8ztNiofeZgBY&libraries=places&v=weekly

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

8dae1882059d37ba7dfe1f0f26c9bb1e56d92fb6fe028654f7a19e3d53b49850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72086
x-xss-protection: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame F23A 304 KB
97 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

005097a39215fa44239fbe7b24acae9d697d5a45d75e5fe4b06158ab2a96812b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99112
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jun 2023 19:09:01 GMT

GET
H2 200 Widgets.js Show response
static-na.payments-amazon.com/OffAmazonPayments/us/js/ Frame F23A 338 KB
104 KB 118ms
24ms Script
application/x-javascript 18.66.112.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-na.payments-amazon.com/OffAmazonPayments/us/js/Widgets.js
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/js/amazon.js?rnd=20210831
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92b6d5d686b85c9905af5ba1397d486466e0f313419e7971401e1ff9c31f1edc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: lrUcQ2XLSjKTPN0wfzCYrlFMJU.A.uHT
content-encoding: gzip
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
date: Tue, 27 Jun 2023 19:01:50 GMT
last-modified: Mon, 26 Jun 2023 05:31:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 432
x-amz-server-side-encryption: AES256
etag: W/"afa3d266e89dbf60b144c2feea7127b2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=1200,public
x-amz-cf-id: lc973lMeM9H9WLD6Kn6GTphZgbOX-oONYrahQRbnjb6uROYHDUSu-g==

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame F23A 52 KB
21 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-219864-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 18:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2019
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 27 Jun 2023 20:35:22 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame F23A 852 B
747 B 31ms
30ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/js/chunk-vendors.e4bafff4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

20a78167d8c88d7e1d3917f78d9e664a4693b384f294fbaa496283f7656c7dce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
x-xss-protection: 1; mode=block
expires: Tue, 27 Jun 2023 19:09:01 GMT

GET
H2 200 get Show response
give.marchofdimes.org/server/api/donationforms/ Frame F23A 7 KB
3 KB 462ms
462ms XHR
application/json 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/server/api/donationforms/get?donationFormId=241&srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https:%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/js/chunk-vendors.e4bafff4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 56eb51f442500d8710358085003c47bc980cc6c6b6bf2b8213e61a2c4c31cfd7

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
accept-language: de-DE,de;q=0.9
X-Referer: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
permissions-policy: interest-cohort=()
cf-ray: 7ddffb6488490414-FRA

POST
H2 204 rum Show response
give.marchofdimes.org/cdn-cgi/ Frame F23A 0
67 B 23ms
23ms XHR
text/plain 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.marchofdimes.org/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://give.marchofdimes.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7ddffb64a86b0414-FRA

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ Frame F23A 1 KB
655 B 22ms
21ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:12:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 11:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 27 Jun 2023 19:12:31 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ Frame F23A 121 KB
47 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-W2ZD7L3&t=gtag_UA_219864_1&cid=1519028990.1687892941

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd23ce5f4956ec9ea01e92dc40d7137c570dcb7f5b9d699d895b28a52eb9e175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48381
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jun 2023 19:09:01 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame F23A 430 KB
173 KB 75ms
18ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.marchofdimes.org/
Origin: https://give.marchofdimes.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 15:01:57 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame F23A 4 KB
2 KB 25ms
24ms Script
application/x-javascript 108.138.40.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.40.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-40-116.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 02:20:08 GMT
Content-Encoding: gzip
Via: 1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
Age: 60536
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: xvLs74R4C9Zy_MoLzutMPO375qtnYX49HsALpK_CvxB3PbFF8vwfHg==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame F23A 126 KB
49 KB 39ms
35ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8832015

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a744ef9126e93c5939bf1650bd7724ce0bfa3eba8f5b73909b88183c310e997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49831
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jun 2023 19:09:01 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame F23A 52 KB
21 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 18:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2019
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 27 Jun 2023 20:35:22 GMT

GET
H3

200

activityi;dc_pre=CJHUz5mT5P8CFYfFsgod0eoJQQ;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F... Show response
8832015.fls.doubleclick.net/ Frame E23F
Redirect Chain

https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%...
https://8832015.fls.doubleclick.net/activityi;dc_pre=CJHUz5mT5P8CFYfFsgod0eoJQQ;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;u...

4 KB
2 KB

73ms
67ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8832015.fls.doubleclick.net/activityi;dc_pre=CJHUz5mT5P8CFYfFsgod0eoJQQ;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

ef2fb7017e6bc8245381dbd33baae80f504b44e14e61a9735939fb27fccb9ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.marchofdimes.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1609
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 19:09:01 GMT
expires: Tue, 27 Jun 2023 19:09:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 19:09:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8832015.fls.doubleclick.net/activityi;dc_pre=CJHUz5mT5P8CFYfFsgod0eoJQQ;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1335104/ Frame F23A 58 KB
18 KB 26ms
22ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a96fb9133af4fc11be09fdd728b581747d02dc4f0ad430ef1b8eb1e01645d9ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: VBoy5Qimu7OBozarJjazxddLfBzdNYtK
content-encoding: gzip
via: 1.1 varnish
date: Tue, 27 Jun 2023 19:09:01 GMT
x-amz-request-id: HJKJKXYJP9CT3MF8
age: 76
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18351
x-amz-id-2: 6Q24CbTwgANBpNPELdUZyiMWY9xK9d/iY4pVFRP2WtcN/aWKPVLdwZmIUJgQlMu54V0O9Jl+sZ4=
x-served-by: cache-fra-eddf8230118-FRA
last-modified: Sun, 25 Jun 2023 11:17:08 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687892942.578235,VS0,VE0
etag: "d8c8ee1b26d4032e6416727c688f93d0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 27
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame F23A 1 KB
772 B 36ms
33ms Script
application/x-javascript 2a02:26f0:780::210:a40a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Jun 2023 17:35:57 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=72315
accept-ranges: bytes
content-length: 560

GET
H2 200 bat.js Show response
bat.bing.com/ Frame F23A 40 KB
12 KB 50ms
47ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 27 Jun 2023 19:09:01 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4550C1881A3F4109AD1FB00722498B9B Ref B: FRA31EDGE0708 Ref C: 2023-06-27T19:09:01Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame F23A 22 KB
9 KB 27ms
24ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 04 Jul 2023 19:09:01 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame F23A 170 KB
46 KB 23ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Jun 2023 19:09:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46730
x-xss-protection: 0
pragma: public
x-fb-debug: g+yCE8xCBA10JSYfecYbf44R/GGSO0TrllaLqgx6jAFdBKKFH2ch4CDTztc9wEyR7sB5Y6jscpberSghFvw1/A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

B21581475.265419780;dc_pre=CILwzpmT5P8CFYzhuwgdPf8C6w;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/ Frame F23A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CILwzpmT5P8CFYzhuwgdPf8C6w;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;ta...

42 B
63 B

83ms
43ms

Image
image/gif

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CILwzpmT5P8CFYzhuwgdPf8C6w;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Protocol

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CILwzpmT5P8CFYzhuwgdPf8C6w;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 B21591273.227039140;sz=1x2;ord=328360088865 Show response
ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/ Frame F23A 41 KB
15 KB 79ms
77ms Script
text/javascript 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=328360088865?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

a0d3e0e18f9afabf05b83afaed4afdc3f95b69753e0e4b8ec7b4d20b8570c05b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15819
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ Frame F23A 121 KB
47 KB 31ms
26ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-W2ZD7L3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f32ce6ea4194bc7819267f4c17658ce465a5aeba7c4b9a4a188155045ab34e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48126
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jun 2023 19:09:01 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ Frame F23A 4 KB
2 KB 127ms
123ms Script
application/javascript 23.38.98.111
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHD93M3C77U7KUN3M5L0&lib=ttq
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.111 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-111.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e40fdfa3e1e2362f9e593cb750c61e60813c2126e54d020bba1ca349aeb58701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id: 5300405a.133e7ab9
date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-175.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 99,23.38.99.175
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=7, inner; dur=3
content-length: 1574
pragma: no-cache
server: nginx
x-tt-logid: 202306271909016BE834960911C78FAF7B
x-cache-remote: TCP_MISS from a23-222-16-85.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.222.16.85
x-tt-trace-host: 010df6296fdbb6dbd3dbc52f3fcb2de0d72994ed1e763303437c132a2235f3f443cd642bce68270523a105d60c1f158ca9e46b1a70d0f02ec067cc091cdf1b12b7996599026e6faae784293c30deb53817d178cc1399cc18e1a7bd2ac36d209fc284e54c6a757fd61ae181d531658aec7c
expires: Tue, 27 Jun 2023 19:09:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame F23A 234 KB
82 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce3f999598bcb04783f0ef8836f18c1e0f70ff6ad26ed5d63c484115e337e4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84221
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Jun 2023 19:09:01 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 2EFE 0
181 B 48ms
45ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=2n62y3m&ref=https%3A%2F%2Fwww.marchofdimes.org%2F&upid=b8lvzxo&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.marchofdimes.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Tue, 27 Jun 2023 19:09:01 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame F23A 3 B
45 B 104ms
44ms XHR
application/json 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDuRY-BMAtBAIm1P8HW5Ts8ztNiofeZgBY&libraries=places&v=weekly

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://give.marchofdimes.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H/1.1 200
OK sessionstabilizer Show response
payments.amazon.com/gp/widgets/ Frame F23A 89 B
1 KB 549ms
148ms XHR
application/json 44.215.136.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.amazon.com/gp/widgets/sessionstabilizer?countryOfEstablishment=US&ledgerCurrency=USD&isSandbox=false

Requested by

Host: static-na.payments-amazon.com
URL: https://static-na.payments-amazon.com/OffAmazonPayments/us/js/Widgets.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.215.136.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-136-84.compute-1.amazonaws.com

Software

Server /

Resource Hash

2814a34f1184ab0e0dfc495e46f676abe9585ca699fd8300412148952941f914

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 19:09:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MBYYPH6EJP3Y2HKVWTAZ
x-amzn-RequestId: MBYYPH6EJP3Y2HKVWTAZ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://give.marchofdimes.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 89

GET
H2 200 login.js Show response
static-na.payments-amazon.com/v2/ Frame F23A 45 KB
14 KB 46ms
19ms Script
application/javascript 18.66.112.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-na.payments-amazon.com/v2/login.js
Requested by: Host: static-na.payments-amazon.com
URL: https://static-na.payments-amazon.com/OffAmazonPayments/us/js/Widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b1bc4c11b567ed69cf1e01acb69243f513163689eb0dfd33261ebd3692972bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 95..SgEu7dupRd1hEWPbXj6tx_SPQmgG
content-encoding: gzip
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
date: Tue, 27 Jun 2023 19:05:41 GMT
last-modified: Mon, 26 Jun 2023 05:31:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 200
x-amz-server-side-encryption: AES256
etag: W/"20d24ecb5466913307a96647a492225b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1200,public
x-amz-cf-id: ZHrBY2Yfmyu8Jr3gU2pqxoE9vRCD2_HILzP-5dycKl9gSIEA_dewJA==

GET
H2 200 rules-p-4LjrHyeV3QUW4.js Show response
rules.quantcount.com/ Frame F23A 160 B
631 B 39ms
30ms Script
application/javascript 2600:9000:219c:4800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-4LjrHyeV3QUW4.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:4800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2aa9b0ccf31fe34e187c3b09bec7e9d8fccdeb48a5b2223d9f80df2a8790a6af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:37:01 GMT
via: 1.1 af0a4579a75789980eb9374096ea1816.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 2391
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 23:45:31 GMT
server: AmazonS3
etag: "52b67ed0d6de08757c0affd0509ae576"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: d9nMw4GVxxmcnuUKnMsdxl0LIeF18lyP4vWZe4AFTyIHJm6RktZCrw==

GET
H3 200 1621384747882069 Show response
connect.facebook.net/signals/config/ Frame F23A 377 KB
108 KB 27ms
22ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1621384747882069?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e39929df145bda156a8abe9a54286626f6b480e34c52760559ce3fd8a051bde

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Jun 2023 19:09:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110422
x-xss-protection: 0
pragma: public
x-fb-debug: Lxn5kpfwgvCDpG5j93vZBRwGzXwX1CJ6ZkAQJgXcM0wA9F3ZZqLhFDz9SFMa4GClVSEVFF7vQvq3UQ+YHEvmwg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1335104/trc/3/ Frame F23A 2 KB
1 KB 41ms
40ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1335104/trc/3/json?tim=1687892941698&data=%7B%22id%22%3A929%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1687892941663%2C%22cv%22%3A%2220230625-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtruenorth-marchofdimes-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1687892941698%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2%22%2C%22tos%22%3A32%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f4278f19eb7d91370730413eb96da7a4ff47bd9e9897bc5c77287639958fa14c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 19
date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 8107
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230118-FRA
server: nginx
x-timer: S1687892942.706751,VS0,VE19
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame F23A 2 B
22 B 28ms
27ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=640304719&t=pageview&_s=1&dl=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2&dr=https%3A%2F%2Fwww.marchofdimes.org%2F&ul=en-us&de=UTF-8&dt=March%20of%20Dimes%20Donation&sd=24-bit&sr=1600x1200&vp=736x560&je=0&_u=SCCAAUITQAAAACAAI~&jid=31829378&gjid=321536294&cid=1519028990.1687892941&tid=UA-219864-1&_gid=1929714967.1687892941&_r=1&gtm=457e36q0&jsscut=1&z=1435385555

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.marchofdimes.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame F23A 3 B
23 B 30ms
29ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=640304719&t=pageview&_s=1&dl=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2&dr=https%3A%2F%2Fwww.marchofdimes.org%2F&ul=en-us&de=UTF-8&dt=March%20of%20Dimes%20Donation&sd=24-bit&sr=1600x1200&vp=736x560&je=0&_u=SCCAAUITQAAAACAAI~&jid=&gjid=&cid=1519028990.1687892941&tid=UA-219864-60&_gid=1929714967.1687892941&_slc=1&gtm=45He36q0n81WNJ3K3P&z=726342610

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.marchofdimes.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame F23A 194 KB
70 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-794610601&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-219864-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a20011c16fa082eeab9ba732b2d52ada4eef132e27d26621af5a4ee13dcb8b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71351
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jun 2023 19:09:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame F23A 140 KB
54 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1071894384&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-219864-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aabf437350f8ed211a46160abbbebd2367fcaacabd952f786c89c31e2a08a3fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54971
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jun 2023 19:09:01 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame F23A 13 KB
5 KB 33ms
33ms Script
application/x-javascript 2a02:26f0:780::210:a40a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Jun 2023 22:23:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=17097
accept-ranges: bytes
content-length: 4807

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ Frame E23F 45 KB
15 KB 46ms
43ms Script
application/javascript 2a02:2638:d::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=81237

Requested by

Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CJHUz5mT5P8CFYfFsgod0eoJQQ;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9129237c4d569470449da6fde1c668779629f8a4d327d975cce8ac3fc5539f6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 204 Pixels
px.adentifi.com/ Frame E23F 0
34 B 114ms
111ms Image
text/plain 44.199.66.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adentifi.com/Pixels?a_id=3404;uq=278245013;
Requested by: Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CJHUz5mT5P8CFYfFsgod0eoJQQ;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.199.66.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-199-66-14.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT

GET
H2 200 dc_pre=CJHUz5mT5P8CFYfFsgod0eoJQQ;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.marchofdimes.org%2F%3Fsr...
adservice.google.com/ddm/fls/z/ Frame E23F 42 B
107 B 74ms
73ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJHUz5mT5P8CFYfFsgod0eoJQQ;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame E23F 170 KB
46 KB 23ms
22ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Jun 2023 19:09:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46730
x-xss-protection: 0
pragma: public
x-fb-debug: g+yCE8xCBA10JSYfecYbf44R/GGSO0TrllaLqgx6jAFdBKKFH2ch4CDTztc9wEyR7sB5Y6jscpberSghFvw1/A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame E23F 22 KB
9 KB 25ms
24ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CJHUz5mT5P8CFYfFsgod0eoJQQ;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 04 Jul 2023 19:09:01 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame E23F 40 KB
12 KB 52ms
51ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 27 Jun 2023 19:09:01 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FA7B39F4F36641E9A8B89F0A2700FD8C Ref B: FRA31EDGE0708 Ref C: 2023-06-27T19:09:01Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H/1.1 200
OK pixel.js Show response
origin.acuityplatform.com/event/v2/ Frame E23F 2 KB
3 KB 135ms
31ms Script
application/javascript 23.12.140.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.acuityplatform.com/event/v2/pixel.js
Requested by: Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CJHUz5mT5P8CFYfFsgod0eoJQQ;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.140.42 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-12-140-42.deploy.static.akamaitechnologies.com
Software: nginx/1.14.0 /
Resource Hash: 89cf66cb9de8da20fc15e9953845dd4d1de2c0fb465c827a09d818449222c533

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 19:09:01 GMT
Last-Modified: Wed, 04 Jan 2023 18:57:40 GMT
Server: nginx/1.14.0
ETag: "63b5cc24-978"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2424

GET
H2 204 25017097.js Show response
bat.bing.com/p/action/ Frame F23A 0
118 B 119ms
118ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25017097.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 27 Jun 2023 19:09:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0C320BDD808646CD97EA23CB1952C5D0 Ref B: FRA31EDGE0708 Ref C: 2023-06-27T19:09:01Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame F23A 0
121 B 59ms
59ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25017097&tm=gtm002&Ver=2&mid=79f13ec2-17f2-48c5-ab2c-557036e9ef58&sid=13057570151e11ee84fb6b39c805288c&vid=1305bd40151e11eeb15edb80f7d71b78&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=March%20of%20Dimes%20Donation&p=https%3A%2F%2Fwww.marchofdimes.org%2F&r=&lt=905&evt=pageLoad&ifm=1&sv=1&rn=956197

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Jun 2023 19:09:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 550B7B04CB75430C82146D2E8D29D6BA Ref B: FRA31EDGE0708 Ref C: 2023-06-27T19:09:01Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame F23A 1 B
350 B 119ms
27ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-219864-1&cid=1519028990.1687892941&jid=31829378&gjid=321536294&_gid=1929714967.1687892941&_u=SCCAAUISQAAAACAAI~&z=1293345215

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Jun 2023 19:09:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.marchofdimes.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ Frame F23A 0
76 B 45ms
45ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je36q0&_p=640304719&cid=1519028990.1687892941&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687892940&sct=1&seg=1&dl=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2&dr=https%3A%2F%2Fwww.marchofdimes.org%2F&dt=March%20of%20Dimes%20Donation&en=page_view
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.marchofdimes.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230621/r20110914/elements/html/ Frame F23A 11 KB
4 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230621/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=328360088865?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 16:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 16:50:07 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F23A 0
0 67ms
66ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstLsGLCB0felXg27MQQUAQwlPcZ_pWotn0tO2NhIeJOYbIW3HRUBnWNfRYgU9O-45CFeq23dpnFCNNeVU2f1sPNxP9PYfaejCbrmefS2HIYQ_MtcApT05oQC6PDlhUIrIrS7IPJuxwem0fvpIvjhbN1552MzX9ogIY-KBBWd99yPvC1&sai=AMfl-YT6WIrX-rmaxlkrRG2mdrvwIVCqNIiTcA5nVmKNYyU5nWZSwj9TPFE4XyXi1O4wK4HSSSHdXSwWGFqw_pU2-NlNF3UwOTWf62WISw&sig=Cg0ArKJSzKstD5Wy7KifEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20230621.82726&arae=0&ftch=1&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=328360088865?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 27 Jun 2023 19:09:01 GMT

GET
H2 200 main.MTcyYWM1ZjQwMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ Frame F23A 314 KB
83 KB 32ms
32ms Script
application/javascript 23.38.98.111
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYWM1ZjQwMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHD93M3C77U7KUN3M5L0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.111 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-111.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 852a7107c708f06318f8fe62b3ad715d9c1565aaa9158b1e36c62502c424ea7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id: 133e7bf0
date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230627123229AD25BEDE653C982F9BBC
vary: Accept-Encoding
x-cache: TCP_HIT from a23-38-99-175.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017abc044aaab1b78e09b46d8a35fb60c92403fec72a0766c1de5de9c20742ca3f510ae090d335f8e90afc96c7525ddb88ec0c6c8e6d2f6ba53c2f4b2a2a20b3e572efcf3b5202af52781d28c119fdf453cb2025c5a1c7a0cb97c2128e1671cb1e
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 84259

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A18B 51 KB
28 KB 81ms
48ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf_Xq4UAAAAAHd1hKHMAy-iydWdiqmt5E-IKeak&co=aHR0cHM6Ly9naXZlLm1hcmNob2ZkaW1lcy5vcmc6NDQz&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=oxei8q6p100v

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5b4c7042a57a39f59df8370a0d2398e2211dbf58ce616e06fef0ad99d17cec43

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P-pHxElUI64fOoc96XlJHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.marchofdimes.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28824
content-security-policy: script-src 'report-sample' 'nonce-P-pHxElUI64fOoc96XlJHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 19:09:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK accountStatus Show response
payments.amazon.com/merchantAccount/A24SJ7EJ7ID1HK/ Frame F23A 34 B
407 B 528ms
175ms XHR
application/json 44.215.136.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.amazon.com/merchantAccount/A24SJ7EJ7ID1HK/accountStatus?countryOfEstablishment=US&ledgerCurrency=USD&originDomain=https://give.marchofdimes.org&storeId=amzn1.application-oa2-client.e1ff19fc46434acbbc47678d3a8496e3

Requested by

Host: static-na.payments-amazon.com
URL: https://static-na.payments-amazon.com/OffAmazonPayments/us/js/Widgets.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.215.136.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-136-84.compute-1.amazonaws.com

Software

Server /

Resource Hash

6daf092c820d6323f36c5ddad13658cf42a525808c69025cc3e7a36d76ab5508

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 19:09:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: X5JQW42EHQ61RE48SPNE
x-amzn-RequestId: X5JQW42EHQ61RE48SPNE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 34

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3446297/domain/give.marchofdimes.org/ Frame F23A 36 B
397 B 57ms
49ms XHR
application/json 2600:9000:2171:4200:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3446297/domain/give.marchofdimes.org/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2171:4200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://give.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:05:51 GMT
content-encoding: gzip
via: 1.1 544c0277595a14fa38c11c01dc0e79e4.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
age: 190
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-amz-cf-id: 5dEjM1c6mPY3w3Ruy_949wkQGffSiAwHKcrbXWAg3hStCoX3IMIVwQ==

GET
H2

200

collect
px4.ads.linkedin.com/ Frame F23A
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1687892941953&url=https%3A%2F%2Fwww.marchofdimes.org%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1687892941953&url=https%3A%2F%2Fwww.marchofdimes.org%2F&e_ipv6=AQI8pB-tisQmOAAAAYj-QlzX-n68FfLlmz7Yk4RKf_IAzzZJB5LQqAHQFmAE-lrZwcqKG...

0
143 B

164ms
164ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1687892941953&url=https%3A%2F%2Fwww.marchofdimes.org%2F&e_ipv6=AQI8pB-tisQmOAAAAYj-QlzX-n68FfLlmz7Yk4RKf_IAzzZJB5LQqAHQFmAE-lrZwcqKGL6z-Rc-nQ
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: AAB3A85EF34F4E52B0868577323C8F6F Ref B: FRAEDGE1312 Ref C: 2023-06-27T19:09:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/ITM9n81BkSS3aQEXGQ==

Redirect headers

date: Tue, 27 Jun 2023 19:09:01 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 244E650BAA9843F4B4869E9E15A39199 Ref B: FRAEDGE1909 Ref C: 2023-06-27T19:09:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1687892941953&url=https%3A%2F%2Fwww.marchofdimes.org%2F&e_ipv6=AQI8pB-tisQmOAAAAYj-QlzX-n68FfLlmz7Yk4RKf_IAzzZJB5LQqAHQFmAE-lrZwcqKGL6z-Rc-nQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/ITM6k15UfQyucCzhcA==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071894384/ Frame F23A 4 KB
2 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071894384/?random=1687892941957&cv=11&fst=1687892941957&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2&ref=https%3A%2F%2Fwww.marchofdimes.org%2F&hn=www.googleadservices.com&frm=2&tiba=March%20of%20Dimes%20Donation&auid=514555590.1687892940&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1071894384&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

095fb25d29399504a5c9280cc7295e5f26b23c859144818c6e3c06d3493c5935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1518
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/794610601/ Frame F23A 4 KB
2 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/794610601/?random=1687892941982&cv=11&fst=1687892941982&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2&ref=https%3A%2F%2Fwww.marchofdimes.org%2F&hn=www.googleadservices.com&frm=2&tiba=March%20of%20Dimes%20Donation&auid=514555590.1687892940&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-794610601&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c641f36cf42ebcbd2c1a23581780e3bd1bc6060af1f5fd43d461c6469555fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1520
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=2128035207;source=gtm;rf=0;a=p-4LjrHyeV3QUW4;url=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm...
pixel.quantserve.com/ Frame F23A 35 B
210 B 27ms
27ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2128035207;source=gtm;rf=0;a=p-4LjrHyeV3QUW4;url=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2;ref=https%3A%2F%2Fwww.marchofdimes.org%2F;uht=2;fpan=0;fpa=P0-710149565-1687892940672;pbc=;ns=1;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=marchofdimes.org;dst=0;et=1687892942002;tzo=0;ogl=;ses=a980da3d-0301-4742-85a5-8d2511a8ff3e;mdl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

event Show response
widget.us.criteo.com/ Frame E23F
Redirect Chain

https://sslwidget.criteo.com/event?a=81237&v=5.16.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fgive.marchofdimes.org&p1=e%3Dvh&p2=e%3Ddis&bundle=qkA2_l8zJTJGaHlXT2hQY2VWcCUyRjRKSHl0TEFu...
https://widget.us.criteo.com/event?a=81237&v=5.16.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fgive.marchofdimes.org&p1=e%3Dvh&p2=e%3Ddis&bundle=qkA2_l8zJTJGaHlXT2hQY2VWcCUyRjRKSHl0TEFu...

8 KB
4 KB

135ms
134ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=81237&v=5.16.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fgive.marchofdimes.org&p1=e%3Dvh&p2=e%3Ddis&bundle=qkA2_l8zJTJGaHlXT2hQY2VWcCUyRjRKSHl0TEFud1N3ekhiRWhrNThJNUtrQ0YlMkJsV2tsWVY1Wkxjb3N3TldjdXY4WkpyJTJGaUE4aGh6MzV6Q0J3RUxDV2xLZ0xrR2tpaXJDVk9Gc2NUcE9POUV2SHFuVXdkJTJCZnhpaE1ob01XcUVVRjNhM0FWYnhEQUZTY2ZuS0hFSGRLVGd0clYwWG1Qd04lMkJySmIlMkJsUEtFY1RJZGN4dm5NRSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=97ed2317-887b-480b-a23f-43e6a2ff4453&dtycbr=65470

Requested by

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d00b70d04e112fc2ae5939e2a4d6fe832ff7cba155c1e132e1dbb6687560ca46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 18597786
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=81237&v=5.16.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fgive.marchofdimes.org&p1=e%3Dvh&p2=e%3Ddis&bundle=qkA2_l8zJTJGaHlXT2hQY2VWcCUyRjRKSHl0TEFud1N3ekhiRWhrNThJNUtrQ0YlMkJsV2tsWVY1Wkxjb3N3TldjdXY4WkpyJTJGaUE4aGh6MzV6Q0J3RUxDV2xLZ0xrR2tpaXJDVk9Gc2NUcE9POUV2SHFuVXdkJTJCZnhpaE1ob01XcUVVRjNhM0FWYnhEQUZTY2ZuS0hFSGRLVGd0clYwWG1Qd04lMkJySmIlMkJsUEtFY1RJZGN4dm5NRSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=97ed2317-887b-480b-a23f-43e6a2ff4453&dtycbr=65470
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2313342
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 /
www.facebook.com/tr/ Frame F23A 0
15 B 22ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1621384747882069&ev=PageView&dl=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2&rl=https%3A%2F%2Fwww.marchofdimes.org%2F&if=true&ts=1687892942019&sw=1600&sh=1200&v=2.9.109&r=stable&ec=0&o=30&fbp=fb.1.1687892940834.1140255831&cs_est=true&it=1687892941662&coo=false&exp=a1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 19:09:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

OPTIONS
H2 200 graphql
payments.braintree-api.com/ Frame 0
0 122ms
24ms Preflight 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://give.marchofdimes.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://give.marchofdimes.org
access-control-max-age: 1800
date: Tue, 27 Jun 2023 19:09:02 GMT
paypal-debug-id: d91081f8236f4
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 200 graphql Show response
payments.braintree-api.com/ Frame F23A 2 KB
1 KB 75ms
75ms XHR
application/json 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/js/chunk-vendors.e4bafff4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

c5592e4bf377aad2cc585d00bca880cc50008665fda6f3b257954de7ee33055a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://give.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2ODc5NzkzNDEsImp0aSI6IjU2NDMwNmRmLTk4NTgtNGQxNi05MDZkLWU0MmFhODhmY2YzMiIsInN1YiI6InNoY3g1OHNwMjhuYnhrbjUiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6InNoY3g1OHNwMjhuYnhrbjUiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0Ijp0cnVlfSwicmlnaHRzIjpbIm1hbmFnZV92YXVsdCJdLCJzY29wZSI6WyJCcmFpbnRyZWU6VmF1bHQiXSwib3B0aW9ucyI6e319.AKchBlaDMGJYW8aQgz3Z5I9hXhcBMX3xZ6PJG52j0juR1klT9XPT5vTCw0wuFpCTqN4lcA2U-_e8l-2lNC6pyQ
Braintree-Version: 2018-05-10
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
vary: Braintree-Version, Accept-Encoding
braintree-version: 2016-10-07
content-type: application/json
access-control-allow-origin: https://give.marchofdimes.org
paypal-debug-id: 30096d6ddf664
cache-control: no-cache, no-store
x-frame-options: DENY
content-length: 1084

GET
H2 200 1.js Show response
cdn.ywxi.net/js/ Frame F23A 19 KB
5 KB 108ms
20ms Script
text/javascript 2600:9000:225e:f400:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/js/1.js

Requested by

Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/js/app.fdf0752d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:f400:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

fe1e14ed818338600a0af927ad7badc7369990f615747874ff5f50c86ab65a50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:22:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2804
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache: Hit from cloudfront
content-length: 4645
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-trace: 2B53A1857E5D279366A1E774EF8BAAE58EAEC64050000000000000000000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: liIKsHUjFH-7JXiN5Fbx1hD8dnFUM5Qt3zfZA_QvRgWCuYkYVylBcw==
expires: Tue, 27 Jun 2023 19:22:17 GMT

GET
H2 200 btn-cc.png
give.marchofdimes.org/images/ Frame F23A 2 KB
2 KB 162ms
161ms Image
image/webp 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.marchofdimes.org/images/btn-cc.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8ab6178ed23ee18aa7ea5b16f2114096645d98ab305ba16d290cb80e5dc9760a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=4748
x-powered-by: ASP.NET
content-disposition: inline; filename="btn-cc.webp"
content-length: 2396
cf-bgj: imgq:100,h2pri
last-modified: Thu, 23 Sep 2021 10:57:16 GMT
server: cloudflare
etag: "594b8fc569b0d71:0"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7ddffb682d0d0414-FRA

GET
H2 200 btn-paypal.png
give.marchofdimes.org/images/ Frame F23A 2 KB
2 KB 124ms
123ms Image
image/webp 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.marchofdimes.org/images/btn-paypal.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9ec3bd6685fcfcc08d6ea574d16db5da8622d5a713ce934ef443dc742330ab89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=4393
x-powered-by: ASP.NET
content-disposition: inline; filename="btn-paypal.webp"
content-length: 1800
cf-bgj: imgq:100,h2pri
last-modified: Thu, 23 Sep 2021 10:57:16 GMT
server: cloudflare
etag: "594b8fc569b0d71:0"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7ddffb682d0e0414-FRA

GET
H2 200 btn-amazon.png
give.marchofdimes.org/images/ Frame F23A 2 KB
2 KB 132ms
131ms Image
image/webp 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.marchofdimes.org/images/btn-amazon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e739a94ded503457c8474ba4f648ecf57407f6d97638e67adabe221d1b761cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=4754
x-powered-by: ASP.NET
content-disposition: inline; filename="btn-amazon.webp"
content-length: 1690
cf-bgj: imgq:100,h2pri
last-modified: Thu, 23 Sep 2021 10:57:16 GMT
server: cloudflare
etag: "67248fc569b0d71:0"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7ddffb682d100414-FRA

GET
H2 200 gximage2
widgets.guidestar.org/ Frame F23A 11 KB
4 KB 502ms
418ms Image
image/svg+xml 104.22.54.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.guidestar.org/gximage2?o=6906404&l=v4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 60545e054ec3ed32276ff337a4775973165502a5d7420dcbe0c7c3c1e3136d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 7ddffb68af7d35fa-FRA
expires: -1

GET
H2 200 bbb.png
give.marchofdimes.org/images/ Frame F23A 5 KB
5 KB 124ms
124ms Image
image/webp 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.marchofdimes.org/images/bbb.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4388358f8e4ced0256b18ac97d008fee4081daa03fe7dd685a3104ee936706d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/?srcCode=CCLGENEM2306CNT68727001&%3Butm_source=modemail&%3Butm_medium=email&%3Butm_campaign=2023oth&%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2&DonationFormId=241&urlReferer=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=6993
x-powered-by: ASP.NET
content-disposition: inline; filename="bbb.webp"
content-length: 5082
cf-bgj: imgq:100,h2pri
last-modified: Thu, 23 Sep 2021 10:57:16 GMT
server: cloudflare
etag: "67248fc569b0d71:0"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7ddffb682d120414-FRA

GET
H2 200 Graphik-Bold.ttf
give.marchofdimes.org/fonts/ Frame F23A 148 KB
148 KB 132ms
122ms Font
application/octet-stream 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/fonts/Graphik-Bold.ttf
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/css/app.fafe47f5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f2f5cb21c545b0010b10a9bc7762a5376f5df10cd53aeb2db765d28afb109e9f

Request headers

Referer: https://give.marchofdimes.org/css/app.fafe47f5.css
Origin: https://give.marchofdimes.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 19:08:50 GMT
server: cloudflare
etag: "889615296489d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7ddffb683d300414-FRA
content-length: 151108

GET
H2 200 Graphik-Regular.ttf
give.marchofdimes.org/fonts/ Frame F23A 145 KB
146 KB 141ms
131ms Font
application/octet-stream 2606:4700:10::6816:4345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://give.marchofdimes.org/fonts/Graphik-Regular.ttf
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/css/app.fafe47f5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8fc17a517bcaafe39e7c2106483762f877897aa0c22ab9dd472c1cde12188626

Request headers

Referer: https://give.marchofdimes.org/css/app.fafe47f5.css
Origin: https://give.marchofdimes.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 19:08:50 GMT
server: cloudflare
etag: "7fbd15296489d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7ddffb683d320414-FRA
content-length: 148868

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame A18B 55 KB
24 KB 74ms
23ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf_Xq4UAAAAAHd1hKHMAy-iydWdiqmt5E-IKeak&co=aHR0cHM6Ly9naXZlLm1hcmNob2ZkaW1lcy5vcmc6NDQz&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=oxei8q6p100v

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 04:26:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 04:26:30 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame A18B 430 KB
173 KB 84ms
34ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 15:01:57 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5E13 15 KB
6 KB 41ms
39ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=81237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://8832015.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 19:09:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 676402
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 rules-p-uyn8UnTsRXguL.js Show response
rules.quantcount.com/ Frame E23F 5 KB
2 KB 37ms
37ms Script
application/javascript 2600:9000:219c:4800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-uyn8UnTsRXguL.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:4800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:34:10 GMT
content-encoding: gzip
via: 1.1 af0a4579a75789980eb9374096ea1816.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 2093
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 15:08:42 GMT
server: AmazonS3
etag: W/"b4a376a3ece8af98e7567e60db986dc9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: If46zv6Phn7U19GWHPwHBGmdGYrIuc68_f-xTJlu1KeQTnxPQcYfvA==

GET
H2 204 25042596.js Show response
bat.bing.com/p/action/ Frame E23F 0
119 B 124ms
124ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25042596.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 27 Jun 2023 19:09:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F887B3677CED45C3B35E6AF2B6CC99AC Ref B: FRA31EDGE0708 Ref C: 2023-06-27T19:09:02Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame E23F 0
121 B 45ms
44ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25042596&Ver=2&mid=c2e1e672-3625-466a-b81e-ba5bbca9f9c7&sid=1319c020151e11eebfc9e5ea3564c5bd&vid=1319cf70151e11ee892e5783b93bd5f4&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fgive.marchofdimes.org%2F&r=&lt=350&evt=pageLoad&ifm=1&sv=1&rn=278557

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Jun 2023 19:09:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E29050966575486886728254A1C836F3 Ref B: FRA31EDGE0708 Ref C: 2023-06-27T19:09:02Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 812396462484872 Show response
connect.facebook.net/signals/config/ Frame E23F 301 KB
86 KB 28ms
28ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/812396462484872?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a3e14dbca1847744f583c829dc976f72f0480584a612b6787d11653768c11550

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Jun 2023 19:09:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88398
x-xss-protection: 0
pragma: public
x-fb-debug: 5rm7qLko0KK3KlNJV/e/VMPTwrmqrtf+gMFumdPXGDh5TanWmJ9OuQsGm9pQ0xkjSMJ15CSdiDMv7mWy47z92A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame AAA7
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-1RG5-GhInH8tgqTsF0fYkXyobCM_2gih6cCDnw&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1RG5-GhInH8tgqTsF0fYkXyobCM_2gih6cCDnw&expires=30

43 B
344 B

27ms
26ms

Image
image/gif

18.192.33.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1RG5-GhInH8tgqTsF0fYkXyobCM_2gih6cCDnw&expires=30
Protocol: H2
Server: 18.192.33.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-33-2.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1RG5-GhInH8tgqTsF0fYkXyobCM_2gih6cCDnw&expires=30
date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame AAA7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-pQMeLmhInH8tgqTsF0fYkXyobCMkAilKtvAmLA&google_cm&google_hm=ay1wUU1lTG1oSW5IOHRncVRzRjBmWWtYeW9iQ01rQWlsS...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pQMeLmhInH8tgqTsF0fYkXyobCMkAilKtvAmLA&google_gid=CAESEJF5l6koTRP69U7O-9Yj9S0&google_cver=1&google_ula=913071,0

43 B
369 B

41ms
39ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pQMeLmhInH8tgqTsF0fYkXyobCMkAilKtvAmLA&google_gid=CAESEJF5l6koTRP69U7O-9Yj9S0&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 684607
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pQMeLmhInH8tgqTsF0fYkXyobCMkAilKtvAmLA&google_gid=CAESEJF5l6koTRP69U7O-9Yj9S0&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame AAA7
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3003998535865391893

43 B
370 B

36ms
35ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3003998535865391893

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1072856
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 27 Jun 2023 19:09:02 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.20; 217.114.218.20; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 860aea92-c45e-4173-a856-2047bf586492
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3003998535865391893
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame AAA7
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-kiTahGhInH8tgqTsF0fYkXyobCOzAPi0nixBAg
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-kiTahGhInH8tgqTsF0fYkXyobCOzAPi0nixBAg

43 B
1 KB

40ms
39ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-kiTahGhInH8tgqTsF0fYkXyobCOzAPi0nixBAg

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 19:09:02 GMT
AN-X-Request-Uuid: 03c9ef3f-dda1-4017-993f-6b5618f282eb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.20; 217.114.218.20; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 19:09:02 GMT
AN-X-Request-Uuid: c9ecb2d9-da0b-45de-b324-6499126b9d5e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-kiTahGhInH8tgqTsF0fYkXyobCOzAPi0nixBAg
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.20; 217.114.218.20; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame AAA7 61 B
792 B 198ms
121ms Image
image/gif 23.218.208.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-X4fg7mhInH8tgqTsF0fYkXyobCMUbuHltxFo0Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-208-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 27 Jun 2023 19:09:02 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Tue, 27 Jun 2023 19:09:02 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame AAA7 0
239 B 110ms
21ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-CGCL2GhInH8tgqTsF0fYkXyobCMJQZlolPy22w&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame AAA7 0
358 B 98ms
26ms Image
text/plain 18.194.136.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-25G_u2hInH8tgqTsF0fYkXyobCMRYn6kO9pFwg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.136.210 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-136-210.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame AAA7 43 B
163 B 155ms
31ms Image
image/gif 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-0eiL7GhInH8tgqTsF0fYkXyobCMKYiLN5nn4Yw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame AAA7 0
99 B 112ms
27ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-rz_Z2GhInH8tgqTsF0fYkXyobCOCCqu4DH97xg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28176

GET
H2 200 um
criteo-sync.teads.tv/ Frame AAA7 23 B
163 B 135ms
51ms Image
image/gif 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-LUo7FGhInH8tgqTsF0fYkXyobCM9giL6u8yWLQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Tue, 27 Jun 2023 19:09:02 GMT
pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame AAA7 37 B
140 B 100ms
27ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-rsgaRWhInH8tgqTsF0fYkXyobCOhvlFKsc-gRg&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame AAA7 0
125 B 97ms
30ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-3Qf2WWhInH8tgqTsF0fYkXyobCOtpYMyD7RENw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame AAA7 43 B
162 B 134ms
30ms Image
image/gif 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-5R1UFWhInH8tgqTsF0fYkXyobCM78aZDWzp49Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
last-modified: Thu, 28 Jul 2022 12:09:37 GMT
server: nginx
accept-ranges: bytes
etag: "62e27c81-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame AAA7 49 B
235 B 122ms
31ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-oGCZr2hInH8tgqTsF0fYkXyobCNpjVLNGXJPjQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame AAA7
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WEV6qWhInH8tgqTsF0fYkXyobCMCHjKOQKzmxg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WEV6qWhInH8tgqTsF0fYkXyobCMCHjKOQKzmxg&C=1

43 B
766 B

255ms
254ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WEV6qWhInH8tgqTsF0fYkXyobCMCHjKOQKzmxg&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 19:09:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 19:09:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-WEV6qWhInH8tgqTsF0fYkXyobCMCHjKOQKzmxg&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame AAA7
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=UFdbytx7ZzdMELwnZ9fNLkSVpFe8N9pK
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=UFdbytx7ZzdMELwnZ9fNLkSVpFe8N9pK

42 B
942 B

49ms
49ms

Image
image/gif

99.81.116.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=UFdbytx7ZzdMELwnZ9fNLkSVpFe8N9pK

Protocol

HTTP/1.1

Server

99.81.116.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-116-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v049-05cb96943.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: GYm84ib2R44=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v049-024fc3e90.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 8FQnGLc+S2Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=UFdbytx7ZzdMELwnZ9fNLkSVpFe8N9pK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame AAA7 43 B
1 KB 85ms
23ms Image
image/gif 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-05iSBGhInH8tgqTsF0fYkXyobCMrKahhMfE_tw

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 27 Jun 2023 19:09:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame AAA7
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ZviDmWhInH8tgqTsF0fYkXyobCOqL2DXYvssZQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ZviDmWhInH8tgqTsF0fYkXyobCOqL2DXYvssZQ

43 B
448 B

57ms
43ms

Image
image/gif

18.203.90.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ZviDmWhInH8tgqTsF0fYkXyobCOqL2DXYvssZQ
Protocol: H2
Server: 18.203.90.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-90-154.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Jun 2023 19:09:02 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ZviDmWhInH8tgqTsF0fYkXyobCOqL2DXYvssZQ
access-control-allow-origin: *
date: Tue, 27 Jun 2023 19:09:02 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame AAA7 42 B
274 B 100ms
32ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-r7Q3xmhInH8tgqTsF0fYkXyobCO-ekFWJNrjOw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame AAA7 0
878 B 122ms
24ms Image
text/html 3.125.198.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-r12E8GhInH8tgqTsF0fYkXyobCOvPv5N0vihBA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.198.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-198-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame AAA7 0
145 B 442ms
106ms Image
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-ppUW72hInH8tgqTsF0fYkXyobCMiZuBpwKuMjA&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 19:09:02 GMT
Cache-Control: no-cache
X-TraceId: 6e0bc31b9d311a5e61f9af07946836d7
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame AAA7 42 B
579 B 133ms
37ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-zGN7fmhInH8tgqTsF0fYkXyobCPdCraPr8ojug
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame AAA7 43 B
399 B 352ms
113ms Image
image/gif 2600:1f18:612b:4200:f677:2600:2836:f912
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-Kkv1aGhInH8tgqTsF0fYkXyobCNBFxtnGP0IkQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:f677:2600:2836:f912 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 27 Jun 2023 19:09:02 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame AAA7 43 B
153 B 121ms
35ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-dsNNxmhInH8tgqTsF0fYkXyobCOQctN3ztGXQA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Jun 2023 19:09:02 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame AAA7 0
400 B 175ms
73ms Image
text/plain 2.22.155.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-l-7BdWhInH8tgqTsF0fYkXyobCMPPDKmEfM4fA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.22.155.103 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-155-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 19:09:02 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 26 Jun 2023 19:09:02 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame AAA7 0
38 B 177ms
46ms Image
text/plain 3.248.97.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-Yur_iWhInH8tgqTsF0fYkXyobCNwu3FrAsILoA&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.97.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-97-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
content-length: 0

GET
H2 200 identify_70a9a.js Show response
analytics.tiktok.com/i18n/pixel/static/ Frame F23A 114 KB
31 KB 23ms
23ms Script
application/javascript 23.38.98.111
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_70a9a.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYWM1ZjQwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.111 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-111.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id: 133e7cf9
date: Tue, 27 Jun 2023 19:09:02 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202306271232307B3396127E192AEF09B6
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-38-99-175.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017abc044aaab1b78e09b46d8a35fb60c92403fec72a0766c1de5de9c20742ca3f52c9ec76ede260e03f600cd0f675ab3603e85fb119f79d95d41cfab992bb4abf29fb6e330523c6c9bf576d0ca4c4d7fca7604ae4258d72a3e45bb2a63ae0d5c3
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=9
content-length: 30837

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ Frame F23A 0
690 B 165ms
164ms Ping
text/plain 23.38.98.111
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYWM1ZjQwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.111 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-111.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: af986e3.133e7d14
date: Tue, 27 Jun 2023 19:09:02 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-175.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 131,23.38.99.175
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=38, inner; dur=35
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230627190902A9392F3EA665F3738099
x-cache-remote: TCP_MISS from a23-222-16-54.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 38,23.222.16.54
x-tt-trace-host: 010df6296fdbb6dbd3dbc52f3fcb2de0d72994ed1e763303437c132a2235f3f443f8004a54ae49a42744ca91e8223be3f9631649e21a1900603c1e7544b1520c03e08ce3d041c2ef5200963b7daff8faa91ac45426a0b418b8a35d87d25432d0fa4871d013c5f5b2eb75a1cbf1ffa993a4
expires: Tue, 27 Jun 2023 19:09:02 GMT

GET
H/1.1 200
OK pj Show response
e.acuityplatform.com/ Frame E23F 1 KB
2 KB 31ms
29ms Script
text/javascript 154.59.122.94
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://e.acuityplatform.com/pj?pk=3219385473019742745&pu=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJHUz5mT5P8CFYfFsgod0eoJQQ%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Dgen%3Bord%3D2540812017259%3Bgtm%3D45He36q0%3Bauiddc%3D514555590.1687892940%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fgive.marchofdimes.org%252F%253FsrcCode%253DCCLGENEM2306CNT68727001%2526%25253Butm_source%253Dmodemail%2526%25253Butm_medium%253Demail%2526%25253Butm_campaign%253D2023oth%2526%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2%2526DonationFormId%253D241%2526urlReferer%253Dhttps%25253A%25252F%25252Fwww.marchofdimes.org%25252Fsupport-email%25253FsrcCode%25253DCCLGENEM2306CNT68727001%252526amp%2525253Butm_source%25253Dmodemail%252526amp%2525253Butm_medium%25253Demail%252526amp%2525253Butm_campaign%25253D2023oth%252526amp%2525253Butm_content%25253Dem-loc-txho-2023oth-texas-heb-campaign2%3F&pixelKey=3219385473019742745
Requested by: Host: origin.acuityplatform.com
URL: https://origin.acuityplatform.com/event/v2/pixel.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.59.122.94 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: dc3a842111f91bf38d5a6a85fd69ed843e8ecd8f4d390a6980f7fdd04c4a44c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Content-Length: 1071
Content-Type: text/javascript

GET
H3 200 /
www.google.com/pagead/1p-user-list/1071894384/ Frame F23A 42 B
64 B 35ms
33ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071894384/?random=1687892941957&cv=11&fst=1687892400000&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2&ref=https%3A%2F%2Fwww.marchofdimes.org%2F&frm=2&tiba=March%20of%20Dimes%20Donation&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=63257359&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1071894384/ Frame F23A 42 B
108 B 35ms
33ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1071894384/?random=1687892941957&cv=11&fst=1687892400000&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2&ref=https%3A%2F%2Fwww.marchofdimes.org%2F&frm=2&tiba=March%20of%20Dimes%20Donation&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=63257359&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK uedata Show response
apay-us.amazon.com/cs/ Frame F23A 0
440 B 525ms
127ms XHR
application/json 44.215.137.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://apay-us.amazon.com/cs/uedata

Requested by

Host: static-na.payments-amazon.com
URL: https://static-na.payments-amazon.com/OffAmazonPayments/us/js/Widgets.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.215.137.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-137-250.compute-1.amazonaws.com

Software

Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://give.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 27 Jun 2023 19:09:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WDJTAQQ8EM518JEQ23N3
x-amzn-RequestId: WDJTAQQ8EM518JEQ23N3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://give.marchofdimes.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK abTestV2 Show response
payments.amazon.com/ Frame F23A 353 B
795 B 135ms
126ms XHR
application/json 44.215.136.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.amazon.com/abTestV2?countryOfEstablishment=US&ledgerCurrency=USD&isSandbox=false&encryptedSessionId=ISiOZqHk5SQPsCSCtM%252FgdWPZbbnvkbLLRwPsW3VbmjgFml1Fq8xpxomFvdcB4Q0%253D&merchantId=A24SJ7EJ7ID1HK

Requested by

Host: static-na.payments-amazon.com
URL: https://static-na.payments-amazon.com/OffAmazonPayments/us/js/Widgets.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.215.136.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-136-84.compute-1.amazonaws.com

Software

Server /

Resource Hash

c8a7d2de002bbd0a1053fd750fa6c4dc903415b32244ec071157ef2e9dfa5d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 19:09:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: W0ACY3EEVW7N1DQ9GN7M
x-amzn-RequestId: W0ACY3EEVW7N1DQ9GN7M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://give.marchofdimes.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 353

GET
H3 200 /
www.google.com/pagead/1p-user-list/794610601/ Frame F23A 42 B
64 B 54ms
44ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/794610601/?random=1687892941982&cv=11&fst=1687892400000&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2&ref=https%3A%2F%2Fwww.marchofdimes.org%2F&frm=2&tiba=March%20of%20Dimes%20Donation&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1843713436&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/794610601/ Frame F23A 42 B
108 B 47ms
37ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/794610601/?random=1687892941982&cv=11&fst=1687892400000&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2&ref=https%3A%2F%2Fwww.marchofdimes.org%2F&frm=2&tiba=March%20of%20Dimes%20Donation&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1843713436&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5E13
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=2&topUrl=www.marchofdimes.org&bundle=qkA2_l8zJTJGaHlXT2hQY2VWcCUyRjRKSHl0TEFud1N3ekhiRWhrNThJN...
https://mug.criteo.com/sid?cpp=LX24m3xnVjFYdVJDUDNPTm1xWjdzU3FpTDJKTzJsSmhmdUlRQjhTdzd1a05WMHE2cStrZVR6WWJINlNBRytuYkZDMnJpcEVuMCtsME9JUEQrTFZ5VGJ0TkxVWHBoU09KeWl6ZW9XYlFRZmJaQ1FoeTdqdjVNTG5GQVJmaT...

465 B
692 B

31ms
30ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=LX24m3xnVjFYdVJDUDNPTm1xWjdzU3FpTDJKTzJsSmhmdUlRQjhTdzd1a05WMHE2cStrZVR6WWJINlNBRytuYkZDMnJpcEVuMCtsME9JUEQrTFZ5VGJ0TkxVWHBoU09KeWl6ZW9XYlFRZmJaQ1FoeTdqdjVNTG5GQVJmaTdnNG43aVFpcEVhbEQyc0xzbVVXZmZ4Z0xseWhLa2U1bk9oeU1DRG5hb2lDSzcyME9weVZGNkVQUENXSFNtMGxvTkhVTTZuYnR5NTNReHYyL1VlV2ZZNXR3UTJpdUpsVWQ3YjI2QzI4WCtkNFpOYU5tcnd6eFU1TFdxSXk1a1NhMHNJZEpzeWFBU1NkZGw2VlNGNDJPYWJzWUIyelFjS2FZaDR4NXBvRm9ybE9DN21EaXRkSnBIVmFyT3paWHc0SjlaeTFKekIrdkg0V3dtanlFRHpDYU1sSU9JODlsS3c9PXw&cppv=2

Requested by

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1e4043169cb0bc5b7cdbe78638b243ac3934ed38751b18d2fa4952ef04ea73cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 679516
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=LX24m3xnVjFYdVJDUDNPTm1xWjdzU3FpTDJKTzJsSmhmdUlRQjhTdzd1a05WMHE2cStrZVR6WWJINlNBRytuYkZDMnJpcEVuMCtsME9JUEQrTFZ5VGJ0TkxVWHBoU09KeWl6ZW9XYlFRZmJaQ1FoeTdqdjVNTG5GQVJmaTdnNG43aVFpcEVhbEQyc0xzbVVXZmZ4Z0xseWhLa2U1bk9oeU1DRG5hb2lDSzcyME9weVZGNkVQUENXSFNtMGxvTkhVTTZuYnR5NTNReHYyL1VlV2ZZNXR3UTJpdUpsVWQ3YjI2QzI4WCtkNFpOYU5tcnd6eFU1TFdxSXk1a1NhMHNJZEpzeWFBU1NkZGw2VlNGNDJPYWJzWUIyelFjS2FZaDR4NXBvRm9ybE9DN21EaXRkSnBIVmFyT3paWHc0SjlaeTFKekIrdkg0V3dtanlFRHpDYU1sSU9JODlsS3c9PXw&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 281475
content-length: 0
expires: 0

GET
H2 200 pixel;r=63706394;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJHUz5mT5P8CFYfFsgod0eoJQQ%3Bsrc%3D8832015%3Btype%3Drt%3...
pixel.quantserve.com/ Frame E23F 35 B
210 B 24ms
24ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=63706394;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJHUz5mT5P8CFYfFsgod0eoJQQ%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Dgen%3Bord%3D2540812017259%3Bgtm%3D45He36q0%3Bauiddc%3D514555590.1687892940%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fgive.marchofdimes.org%252F%253FsrcCode%253DCCLGENEM2306CNT68727001%2526%25253Butm_source%253Dmodemail%2526%25253Butm_medium%253Demail%2526%25253Butm_campaign%253D2023oth%2526%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2%2526DonationFormId%253D241%2526urlReferer%253Dhttps%25253A%25252F%25252Fwww.marchofdimes.org%25252Fsupport-email%25253FsrcCode%25253DCCLGENEM2306CNT68727001%252526amp%2525253Butm_source%25253Dmodemail%252526amp%2525253Butm_medium%25253Demail%252526amp%2525253Butm_campaign%25253D2023oth%252526amp%2525253Butm_content%25253Dem-loc-txho-2023oth-texas-heb-campaign2%3F;ref=https%3A%2F%2Fgive.marchofdimes.org%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-285483731-1687892940860;pbc=;ns=1;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=8832015.fls.doubleclick.net;dst=0;et=1687892942240;tzo=0;ogl=;ses=f1a40216-1873-4fae-89a5-b36bfbada95a;mdl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame E23F 0
15 B 28ms
25ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=812396462484872&ev=PageView&dl=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJHUz5mT5P8CFYfFsgod0eoJQQ%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Dgen%3Bord%3D2540812017259%3Bgtm%3D45He36q0%3Bauiddc%3D514555590.1687892940%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fgive.marchofdimes.org%252F%253FsrcCode%253DCCLGENEM2306CNT68727001%2526%25253Butm_source%253Dmodemail%2526%25253Butm_medium%253Demail%2526%25253Butm_campaign%253D2023oth%2526%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2%2526DonationFormId%253D241%2526urlReferer%253Dhttps%25253A%25252F%25252Fwww.marchofdimes.org%25252Fsupport-email%25253FsrcCode%25253DCCLGENEM2306CNT68727001%252526amp%2525253Butm_source%25253Dmodemail%252526amp%2525253Butm_medium%25253Demail%252526amp%2525253Butm_campaign%25253D2023oth%252526amp%2525253Butm_content%25253Dem-loc-txho-2023oth-texas-heb-campaign2%3F&rl=https%3A%2F%2Fgive.marchofdimes.org%2F&if=true&ts=1687892942244&sw=1600&sh=1200&v=2.9.109&r=stable&ec=0&o=30&it=1687892942144&coo=false&exp=a1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 19:09:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/give.marchofdimes.org/ Frame F23A 213 B
1 KB 604ms
212ms XHR
application/json 52.218.153.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/give.marchofdimes.org/client.json?source=jsmain
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.153.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 64cae89b6c2ab73f33edcae25c24da5139acbed135bc45fa8a749e8d70ab1ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 19:09:03 GMT
Content-Encoding: gzip
x-amz-version-id: ySHW67Yt3tjD_Szoa.5p1OHFDb0xfiHt
x-amz-request-id: Q98QMPN8AJXDHBAG
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Content-Length: 175
x-amz-id-2: h+XHcYzWZNKm9gdB2sWpipi+98sdS7F4380vs6B7v8hvSFGxxWAdwLWYRvkPZIEsJOmaz8MQ5GQ=
Last-Modified: Mon, 26 Jun 2023 15:52:25 GMT
Server: AmazonS3
ETag: "5c276e2da17966a51b3ad8e1c5759f58"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://give.marchofdimes.org
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=60
Accept-Ranges: bytes

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/give.marchofdimes.org/ Frame F23A 213 B
1 KB 795ms
189ms XHR
application/json 52.218.153.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/give.marchofdimes.org/client.json?source=jsinline
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.153.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 64cae89b6c2ab73f33edcae25c24da5139acbed135bc45fa8a749e8d70ab1ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 19:09:03 GMT
Content-Encoding: gzip
x-amz-version-id: ySHW67Yt3tjD_Szoa.5p1OHFDb0xfiHt
x-amz-request-id: Q98R60PG0KX9DGFK
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Content-Length: 175
x-amz-id-2: ojE0NJlk8djRzexcuRYVTn3XpQJLRBsSlfqH8UZA39FRy6qNGxs+bKVWuKB/O9aKPIq6NceLtIU=
Last-Modified: Mon, 26 Jun 2023 15:52:25 GMT
Server: AmazonS3
ETag: "5c276e2da17966a51b3ad8e1c5759f58"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://give.marchofdimes.org
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=60
Accept-Ranges: bytes

POST
H/1.1 200
OK shcx58sp28nbxkn5 Show response
client-analytics.braintreegateway.com/ Frame F23A 0
350 B 35ms
35ms XHR
text/plain 35.156.192.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/shcx58sp28nbxkn5

Requested by

Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/js/chunk-vendors.e4bafff4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.192.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-192-184.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 27 Jun 2023 19:09:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://give.marchofdimes.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK shcx58sp28nbxkn5 Show response
client-analytics.braintreegateway.com/ Frame F23A 0
350 B 35ms
34ms XHR
text/plain 35.156.192.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/shcx58sp28nbxkn5

Requested by

Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/js/chunk-vendors.e4bafff4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.192.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-192-184.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 27 Jun 2023 19:09:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://give.marchofdimes.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK shcx58sp28nbxkn5
client-analytics.braintreegateway.com/ Frame 0
0 138ms
21ms Preflight 35.156.192.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/shcx58sp28nbxkn5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.192.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-192-184.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.marchofdimes.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://give.marchofdimes.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Tue, 27 Jun 2023 19:09:02 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK shcx58sp28nbxkn5
client-analytics.braintreegateway.com/ Frame 0
0 137ms
20ms Preflight 35.156.192.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/shcx58sp28nbxkn5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.192.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-192-184.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.marchofdimes.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://give.marchofdimes.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Tue, 27 Jun 2023 19:09:02 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 204 unip Show response
trc-events.taboola.com/1335104/log/3/ 0
250 B 34ms
23ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1335104/log/3/unip?en=pre_d_eng_tb&tos=1577&scd=0&ssd=1&est=1687892940678&ver=36&isls=true&src=i&invt=1500&msa=356&rv=1&tim=1687892942255&vi=1687892940675&ri=27e3554ce0d851942ad7109305ee853f&ref=null&cv=20230625-3-RELEASE&item-url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.marchofdimes.org
pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame E23F
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=236&user_id=794645753824&expires=30&user_group=1
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=6ef01bf4-6e69-4e4a-ac1c-44cc403fea99&gdpr=&gdpr_consent=

43 B
163 B

33ms
30ms

Image
image/gif

185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=6ef01bf4-6e69-4e4a-ac1c-44cc403fea99&gdpr=&gdpr_consent=
Requested by: Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CJHUz5mT5P8CFYfFsgod0eoJQQ;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2?
Protocol: HTTP/1.1
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:01 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: //rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=6ef01bf4-6e69-4e4a-ac1c-44cc403fea99&gdpr=&gdpr_consent=
date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame E23F 43 B
499 B 138ms
23ms Image
image/gif 52.58.191.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212300608&puid=794645753824
Requested by: Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CJHUz5mT5P8CFYfFsgod0eoJQQ;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.191.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-191-52.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame E23F 0
239 B 31ms
20ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=794645753824&expires=30
Requested by: Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CJHUz5mT5P8CFYfFsgod0eoJQQ;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content merge
ce.lijit.com/ Frame E23F 0
311 B 110ms
29ms Image
text/plain 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=66&3pid=794645753824
Requested by: Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CJHUz5mT5P8CFYfFsgod0eoJQQ;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Tue, 27 Jun 2023 19:09:02 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

204
No Content

sum
ums.acuityplatform.com/ Frame E23F
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3150&partner_device_id=794645753824&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D794645753824%26uid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3150&partner_device_id=794645753824&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D794645753824%26uid%3D%24%7...
https://ums.acuityplatform.com/sum?umid=64&auid=794645753824&uid=96308d54-bc72-4b54-bda5-59aa45f06ee1

0
27 B

128ms
39ms

Image
text/plain

154.59.122.79
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ums.acuityplatform.com/sum?umid=64&auid=794645753824&uid=96308d54-bc72-4b54-bda5-59aa45f06ee1
Requested by: Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CJHUz5mT5P8CFYfFsgod0eoJQQ;src=8832015;type=rt;cat=gen;ord=2540812017259;gtm=45He36q0;auiddc=514555590.1687892940;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2?
Protocol: HTTP/1.1
Server: 154.59.122.79 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date: Tue, 27 Jun 2023 19:09:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://ums.acuityplatform.com/sum?umid=64&auid=794645753824&uid=96308d54-bc72-4b54-bda5-59aa45f06ee1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55950/ Frame E23F
Redirect Chain

https://pixel.advertising.com/ups/55950/sync?uid=794645753824&_origin=1
https://ups.analytics.yahoo.com/ups/55950/sync?uid=794645753824&_origin=1

0
15 B

30ms
25ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55950/sync?uid=794645753824&_origin=1

Requested by

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55950/sync?uid=794645753824&_origin=1
date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.57
content-length: 355
content-language: en

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame E23F 170 B
243 B 42ms
28ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=794645753824

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK shcx58sp28nbxkn5
client-analytics.braintreegateway.com/ Frame 0
0 126ms
22ms Preflight 35.156.192.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/shcx58sp28nbxkn5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.192.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-192-184.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.marchofdimes.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://give.marchofdimes.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Tue, 27 Jun 2023 19:09:02 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 graphql
payments.braintree-api.com/ Frame 0
0 29ms
24ms Preflight 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://give.marchofdimes.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://give.marchofdimes.org
access-control-max-age: 1800
date: Tue, 27 Jun 2023 19:09:02 GMT
paypal-debug-id: a72995cacc134
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY

OPTIONS
H/1.1 200
OK shcx58sp28nbxkn5
client-analytics.braintreegateway.com/ Frame 0
0 126ms
22ms Preflight 35.156.192.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/shcx58sp28nbxkn5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.192.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-192-184.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.marchofdimes.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://give.marchofdimes.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Tue, 27 Jun 2023 19:09:02 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK shcx58sp28nbxkn5
client-analytics.braintreegateway.com/ Frame 0
0 125ms
23ms Preflight 35.156.192.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/shcx58sp28nbxkn5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.192.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-192-184.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.marchofdimes.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://give.marchofdimes.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Tue, 27 Jun 2023 19:09:02 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK shcx58sp28nbxkn5 Show response
client-analytics.braintreegateway.com/ Frame F23A 0
350 B 32ms
29ms XHR
text/plain 35.156.192.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/shcx58sp28nbxkn5

Requested by

Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/js/chunk-vendors.e4bafff4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.192.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-192-184.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 27 Jun 2023 19:09:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://give.marchofdimes.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H2 200 graphql Show response
payments.braintree-api.com/ Frame F23A 382 B
651 B 98ms
98ms XHR
application/json 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/js/chunk-vendors.e4bafff4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

4a178a5ba89f0baefd5f0b232176cc937b3ede428518c5df3c7f572bb4dd116f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://give.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2ODc5NzkzNDEsImp0aSI6IjU2NDMwNmRmLTk4NTgtNGQxNi05MDZkLWU0MmFhODhmY2YzMiIsInN1YiI6InNoY3g1OHNwMjhuYnhrbjUiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6InNoY3g1OHNwMjhuYnhrbjUiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0Ijp0cnVlfSwicmlnaHRzIjpbIm1hbmFnZV92YXVsdCJdLCJzY29wZSI6WyJCcmFpbnRyZWU6VmF1bHQiXSwib3B0aW9ucyI6e319.AKchBlaDMGJYW8aQgz3Z5I9hXhcBMX3xZ6PJG52j0juR1klT9XPT5vTCw0wuFpCTqN4lcA2U-_e8l-2lNC6pyQ
Braintree-Version: 2018-05-10
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
vary: Braintree-Version, Accept-Encoding
braintree-version: 2016-10-07
content-type: application/json
access-control-allow-origin: https://give.marchofdimes.org
paypal-debug-id: e0737097295f4
cache-control: no-cache, no-store
x-frame-options: DENY
content-length: 293

POST
H/1.1 200
OK shcx58sp28nbxkn5 Show response
client-analytics.braintreegateway.com/ Frame F23A 0
350 B 32ms
30ms XHR
text/plain 35.156.192.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/shcx58sp28nbxkn5

Requested by

Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/js/chunk-vendors.e4bafff4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.192.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-192-184.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 27 Jun 2023 19:09:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://give.marchofdimes.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame F23A 60 KB
21 KB 98ms
22ms Script
application/javascript 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/js/chunk-vendors.e4bafff4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (frc/4CE0) /

Resource Hash

38a98855add87ceae220cdceb1bc4e75e6c5c05346bbedea09279c03043297f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 938356
date: Tue, 27 Jun 2023 19:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
age: 2663192
x-cache: HIT, HIT
paypal-debug-id: 9c1affd672957
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 20747
x-served-by: cache-fra-etou8220022-FRA
last-modified: Fri, 12 May 2023 17:09:48 GMT
server: ECAcc (frc/4CE0)
traceparent: 00-00000000000000000009c1affd672957-01cd3a7c71689947-01
x-timer: S1687892942.352219,VS0,VE1
etag: "645e72dc-eeee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 19:09:02 GMT

POST
H/1.1 200
OK shcx58sp28nbxkn5 Show response
client-analytics.braintreegateway.com/ Frame F23A 0
350 B 31ms
29ms XHR
text/plain 35.156.192.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/shcx58sp28nbxkn5

Requested by

Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/js/chunk-vendors.e4bafff4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.192.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-192-184.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 27 Jun 2023 19:09:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://give.marchofdimes.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H/1.1

200
OK

logo.htm Show response
ssl.kaptcha.com/ Frame 9A01
Redirect Chain

https://assets.braintreegateway.com/data/logo.htm?m=null&s=b9c305ac30b1408f137ad1623af4362c
https://ssl.kaptcha.com/logo.htm?m=null&s=b9c305ac30b1408f137ad1623af4362c

41 B
366 B

631ms
186ms

Document
text/html

35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/logo.htm?m=null&s=b9c305ac30b1408f137ad1623af4362c
Requested by: Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/js/chunk-vendors.e4bafff4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129

Request headers

Referer: https://give.marchofdimes.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache no-store must-revalidate private
Content-Length: 41
Content-Type: text/html
Date: Tue, 27 Jun 2023 19:09:03 GMT
Expires: 0
Pragma: no-cache
X-Correlation-Id: 4ef5417a-a0a3-4870-a3c8-6467d9ac791b

Redirect headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public, max-age=3600
content-length: 138
content-type: text/html
date: Tue, 27 Jun 2023 19:09:02 GMT
dc: ccg11-origin-www-1.paypal.com
location: https://ssl.kaptcha.com/logo.htm?m=null&s=b9c305ac30b1408f137ad1623af4362c
paypal-debug-id: 4715245d54b19
strict-transport-security: max-age=31557600
traceparent: 00-00000000000000000004715245d54b19-218db515b11f75fe-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-sjc10080-SJC, cache-fra-etou8220088-FRA
x-timer: S1687892942.342841,VS0,VE255

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A18B 2 KB
2 KB 36ms
35ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 00:33:37 GMT
x-content-type-options: nosniff
age: 585325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 28 Jun 2023 00:33:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A18B 15 KB
16 KB 92ms
25ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 586967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jun 2024 00:06:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A18B 15 KB
15 KB 93ms
26ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 264077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:47:45 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame A18B 102 B
133 B 33ms
32ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=IqA9DpBOUJevxkykws9RiIBs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bad26f37947717a5b9564dd23d44644d869182f7f9830bf5fae2dd26c16fa021

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf_Xq4UAAAAAHd1hKHMAy-iydWdiqmt5E-IKeak&co=aHR0cHM6Ly9naXZlLm1hcmNob2ZkaW1lcy5vcmc6NDQz&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=oxei8q6p100v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Tue, 27 Jun 2023 19:09:02 GMT

GET
H2 200 button_T6.png
d2ldlvi1yef00y.cloudfront.net/us/live/en_us/amazonpay/gold/medium/ Frame F23A 3 KB
4 KB 175ms
53ms Image
image/png 2600:9000:218d:ea00:14:4f74:f880:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2ldlvi1yef00y.cloudfront.net/us/live/en_us/amazonpay/gold/medium/button_T6.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:ea00:14:4f74:f880:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdf44a7473d1aa23ccedf8d377d7d4c2b549de4c0df53d2ba4cfe0b022f0ba68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 16:35:53 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jun 2018 16:11:27 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P2
age: 9191
etag: "a06d383d676e4682cdf81b57dd9a13d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
content-length: 3228
x-amz-cf-id: z-R3moLxhRKzkfq0skvX6pXN5sOM2ji7yyNIIVm0IigO1mcHjcC6rA==

POST
H/1.1 200
OK shcx58sp28nbxkn5 Show response
client-analytics.braintreegateway.com/ Frame F23A 0
350 B 30ms
30ms XHR
text/plain 35.156.192.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/shcx58sp28nbxkn5

Requested by

Host: give.marchofdimes.org
URL: https://give.marchofdimes.org/js/chunk-vendors.e4bafff4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.192.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-192-184.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 27 Jun 2023 19:09:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://give.marchofdimes.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK shcx58sp28nbxkn5
client-analytics.braintreegateway.com/ Frame 0
0 28ms
27ms Preflight 35.156.192.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/shcx58sp28nbxkn5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.192.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-192-184.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.marchofdimes.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://give.marchofdimes.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Tue, 27 Jun 2023 19:09:02 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame E602 160 B
1 KB 190ms
176ms Document
text/html 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.marchofdimes.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-wow64, sec-ch-ua-bitness, sec-ch-ua-model, sec-ch-ua-full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: d3ca670f9d6fd
date: Tue, 27 Jun 2023 19:09:02 GMT
origin-trial: A0A/uBW0ogQIica1KkPCeSOoHfvTATXdyRg8F/Ka8gjK4pCprEDwF3d3wTxNzSPn1ASb5ncpd46h7RQiSqGYpA8AAACMeyJvcmlnaW4iOiJodHRwczovL2MucGF5cGFsLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY5NTUxMzU5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
paypal-debug-id: d3ca670f9d6fd
server-timing: "traceparent;desc="00-0000000000000000000d3ca670f9d6fd-270861a7fed07485-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000d3ca670f9d6fd-b8b482ebb9e445fe-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220022-FRA
x-timer: S1687892943.559490,VS0,VE162
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/ Frame CF9A
Redirect Chain

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=e01b5260283bb1f387a72838238fbf98&t=1687892942.27&a=14
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=e01b5260283bb1f387a72838238fbf98&t=1687892942.27&a=14

42 B
299 B

165ms
48ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=e01b5260283bb1f387a72838238fbf98&t=1687892942.27&a=14
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 19:09:02 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=e01b5260283bb1f387a72838238fbf98&t=1687892942.27&a=14
Date: Tue, 27 Jun 2023 19:09:02 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H3 200 /
www.facebook.com/tr/ Frame C209 0
15 B 37ms
33ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=812396462484872&ev=Microdata&dl=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJKPkpmT5P8CFYmrsgoddjkNpA%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D7617268166791%3Bgtm%3D45He36q0%3Bauiddc%3D514555590.1687892940%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2%3F&rl=https%3A%2F%2Fwww.marchofdimes.org%2F&if=true&ts=1687892942564&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.109&r=stable&ec=1&o=30&it=1687892940867&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 19:09:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame AAA7
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=qIj0NdG1uJoir7PRtEfccXhslftxXUK0

0
338 B

170ms
47ms

Image
text/plain

34.254.148.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=qIj0NdG1uJoir7PRtEfccXhslftxXUK0
Protocol: H2
Server: 34.254.148.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-148-66.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: beacon-n021-dub-prod.krxd.net
date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1687892942
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=qIj0NdG1uJoir7PRtEfccXhslftxXUK0
date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 761191
content-length: 0

POST
H/1.1 200
OK uedata Show response
apay-us.amazon.com/cs/ Frame F23A 0
523 B 267ms
122ms XHR
application/json 44.215.137.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://apay-us.amazon.com/cs/uedata

Requested by

Host: static-na.payments-amazon.com
URL: https://static-na.payments-amazon.com/OffAmazonPayments/us/js/Widgets.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.215.137.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-137-250.compute-1.amazonaws.com

Software

Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://give.marchofdimes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 27 Jun 2023 19:09:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Z0V005K3EC7R82VSAVWQ
x-amzn-RequestId: Z0V005K3EC7R82VSAVWQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://give.marchofdimes.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/53/8/intl/de_ALL/ Frame F23A 275 KB
61 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/53/8/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDuRY-BMAtBAIm1P8HW5Ts8ztNiofeZgBY&libraries=places&v=weekly

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83b6cc48703dca63f25b70917f613bab4813ee863b90c410e843a74e46fbaffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 18:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 521194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62390
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:33:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 18:22:28 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/53/8/intl/de_ALL/ Frame F23A 165 KB
52 KB 74ms
71ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/53/8/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDuRY-BMAtBAIm1P8HW5Ts8ztNiofeZgBY&libraries=places&v=weekly

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4462f68bec53559778a381c9a628e47f599fee85049e410cea985b1441195eb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 18:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 521194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52775
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:33:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 18:22:28 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/53/8/intl/de_ALL/ Frame F23A 91 KB
24 KB 96ms
93ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/53/8/intl/de_ALL/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDuRY-BMAtBAIm1P8HW5Ts8ztNiofeZgBY&libraries=places&v=weekly

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d5857cb0026f4dd1c5ba50512170f95aaf432d517b92054a50ed42f246f23ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 18:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 521194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24287
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:33:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 18:22:28 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/53/8/intl/de_ALL/ Frame F23A 57 KB
18 KB 75ms
72ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/53/8/intl/de_ALL/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDuRY-BMAtBAIm1P8HW5Ts8ztNiofeZgBY&libraries=places&v=weekly

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90789cf404923195f08f27daaa525ac94d7a9f6dd009378bf9fc368e2fdbb2ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 18:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 521194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18308
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:33:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 18:22:28 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame B529 43 B
145 B 32ms
24ms Image
image/gif 18.192.33.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-1RG5-GhInH8tgqTsF0fYkXyobCM_2gih6cCDnw&expires=30
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.33.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-33-2.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame B529
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-pQMeLmhInH8tgqTsF0fYkXyobCMkAilKtvAmLA&google_cm&google_hm=ay1wUU1lTG1oSW5IOHRncVRzRjBmWWtYeW9iQ01rQWlsS...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pQMeLmhInH8tgqTsF0fYkXyobCMkAilKtvAmLA&google_gid=CAESEJF5l6koTRP69U7O-9Yj9S0&google_cver=1&google_ula=913071,0

43 B
369 B

36ms
35ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pQMeLmhInH8tgqTsF0fYkXyobCMkAilKtvAmLA&google_gid=CAESEJF5l6koTRP69U7O-9Yj9S0&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 680254
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pQMeLmhInH8tgqTsF0fYkXyobCMkAilKtvAmLA&google_gid=CAESEJF5l6koTRP69U7O-9Yj9S0&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame B529
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3003998535865391893

43 B
370 B

42ms
36ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3003998535865391893

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1500940
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 27 Jun 2023 19:09:02 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.20; 217.114.218.20; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1cde52db-1640-4618-b418-2a81ef6c696f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3003998535865391893
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame B529 43 B
1 KB 28ms
20ms Image
image/gif 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-kiTahGhInH8tgqTsF0fYkXyobCOzAPi0nixBAg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 19:09:02 GMT
AN-X-Request-Uuid: 342f028c-978b-4e6e-a9ae-f6909c2c5554
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.20; 217.114.218.20; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame B529 61 B
629 B 145ms
132ms Image
image/gif 23.218.208.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-X4fg7mhInH8tgqTsF0fYkXyobCMUbuHltxFo0Q

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-208-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 27 Jun 2023 19:09:02 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Tue, 27 Jun 2023 19:09:02 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame B529 43 B
163 B 38ms
31ms Image
image/gif 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-0eiL7GhInH8tgqTsF0fYkXyobCMKYiLN5nn4Yw
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame B529 23 B
163 B 57ms
44ms Image
image/gif 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-LUo7FGhInH8tgqTsF0fYkXyobCM9giL6u8yWLQ
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Tue, 27 Jun 2023 19:09:02 GMT
pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame B529 37 B
139 B 34ms
22ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-rsgaRWhInH8tgqTsF0fYkXyobCOhvlFKsc-gRg&dongle=013b
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 pixel
cm.adform.net/ Frame B529 43 B
161 B 42ms
29ms Image
image/gif 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-5R1UFWhInH8tgqTsF0fYkXyobCM78aZDWzp49Q
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
last-modified: Thu, 28 Jul 2022 12:09:37 GMT
server: nginx
accept-ranges: bytes
etag: "62e27c81-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame B529 49 B
95 B 60ms
47ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-oGCZr2hInH8tgqTsF0fYkXyobCNpjVLNGXJPjQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:02 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 18
content-length: 49
expires: 0

GET
H/1.1 200
OK rum
r.casalemedia.com/ Frame B529 43 B
766 B 35ms
23ms Image
image/gif 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WEV6qWhInH8tgqTsF0fYkXyobCMCHjKOQKzmxg
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 19:09:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=391g6yqKjbwweMoFa6X_C0pBEMFDvQhJ
dpm.demdex.net/ Frame B529
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=391g6yqKjbwweMoFa6X_C0pBEMFDvQhJ

42 B
942 B

50ms
50ms

Image
image/gif

99.81.116.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=391g6yqKjbwweMoFa6X_C0pBEMFDvQhJ

Protocol

HTTP/1.1

Server

99.81.116.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-116-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v049-0af5a1c64.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: tezVNEKDQkw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=391g6yqKjbwweMoFa6X_C0pBEMFDvQhJ
date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 567944
content-length: 0

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame B529 43 B
1 KB 33ms
26ms Image
image/gif 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-05iSBGhInH8tgqTsF0fYkXyobCMrKahhMfE_tw

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 27 Jun 2023 19:09:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame B529 43 B
447 B 60ms
48ms Image
image/gif 18.203.90.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ZviDmWhInH8tgqTsF0fYkXyobCOqL2DXYvssZQ
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.90.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-90-154.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Jun 2023 19:09:02 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame B529 42 B
103 B 42ms
30ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-r7Q3xmhInH8tgqTsF0fYkXyobCO-ekFWJNrjOw
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame B529 0
145 B 182ms
104ms Image
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-ppUW72hInH8tgqTsF0fYkXyobCMiZuBpwKuMjA&initiator=partner
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 19:09:02 GMT
Cache-Control: no-cache
X-TraceId: 06a35a24dec9da2d6f806a966f170e96
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame B529 42 B
430 B 43ms
32ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-zGN7fmhInH8tgqTsF0fYkXyobCPdCraPr8ojug
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 27 Jun 2023 19:09:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame B529 43 B
398 B 124ms
113ms Image
image/gif 2600:1f18:612b:4200:f677:2600:2836:f912
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-Kkv1aGhInH8tgqTsF0fYkXyobCNBFxtnGP0IkQ
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:f677:2600:2836:f912 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 27 Jun 2023 19:09:02 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame B529 43 B
153 B 45ms
34ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-dsNNxmhInH8tgqTsF0fYkXyobCOQctN3ztGXQA
Requested by: Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Jun 2023 19:09:02 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame B529 0
239 B 27ms
20ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-CGCL2GhInH8tgqTsF0fYkXyobCMJQZlolPy22w&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame B529 0
357 B 33ms
22ms Image
text/plain 18.194.136.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-25G_u2hInH8tgqTsF0fYkXyobCMRYn6kO9pFwg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.136.210 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-136-210.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B529 0
98 B 39ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-rz_Z2GhInH8tgqTsF0fYkXyobCOCCqu4DH97xg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 27345

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame B529 0
15 B 35ms
25ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-3Qf2WWhInH8tgqTsF0fYkXyobCOtpYMyD7RENw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame B529 0
877 B 34ms
24ms Image
text/html 3.125.198.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-r12E8GhInH8tgqTsF0fYkXyobCOvPv5N0vihBA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.198.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-198-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame B529 0
400 B 58ms
52ms Image
text/plain 2.22.155.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-l-7BdWhInH8tgqTsF0fYkXyobCMPPDKmEfM4fA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.22.155.103 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-155-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 19:09:02 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 26 Jun 2023 19:09:02 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame B529 0
37 B 55ms
46ms Image
text/plain 3.248.97.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-Yur_iWhInH8tgqTsF0fYkXyobCNwu3FrAsILoA&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.97.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-97-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
content-length: 0

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ Frame F23A 2 KB
2 KB 112ms
30ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Tue, 27 Jun 2023 19:09:02 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ Frame F23A 3 KB
3 KB 114ms
32ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:02 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3351
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Tue, 27 Jun 2023 19:09:02 GMT

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame E602 60 KB
21 KB 36ms
18ms Script
application/javascript 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (frc/4CE0) /

Resource Hash

38a98855add87ceae220cdceb1bc4e75e6c5c05346bbedea09279c03043297f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 938358
date: Tue, 27 Jun 2023 19:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
age: 2663192
x-cache: HIT, HIT
paypal-debug-id: 9c1affd672957
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 20747
x-served-by: cache-fra-etou8220022-FRA
last-modified: Fri, 12 May 2023 17:09:48 GMT
server: ECAcc (frc/4CE0)
traceparent: 00-00000000000000000009c1affd672957-01cd3a7c71689947-01
x-timer: S1687892943.772931,VS0,VE1
etag: "645e72dc-eeee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 19:09:02 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame E602 125 B
862 B 194ms
193ms XHR
application/json 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0aff8a1e641d72c728bec643e782313aadccafabfc6aa00a1e804e8ac1564c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Jun 2023 19:09:03 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: b84b9b463f5e4
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 125
x-served-by: cache-fra-etou8220022-FRA
correlation-id: b84b9b463f5e4
traceparent: 00-0000000000000000000b84b9b463f5e4-a837a256751e28bf-01
content-type: application/json
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame E602 0
348 B 185ms
184ms XHR
text/plain 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Jun 2023 19:09:03 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
paypal-debug-id: e3354e63de727
server-timing: "traceparent;desc="00-0000000000000000000e3354e63de727-92ae858e4a518085-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220022-FRA
correlation-id: e3354e63de727
traceparent: 00-0000000000000000000e3354e63de727-45bf446aeed38674-01
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame E602 0
220 B 246ms
216ms Image
text/plain 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=e01b5260283bb1f387a72838238fbf98&s=BRAINTREE_SIGNIN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:03 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
paypal-debug-id: b19ffbcd31cd
server-timing: "traceparent;desc="00-00000000000000000000b19ffbcd31cd-91c7ba2bf8b86c27-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 0
x-served-by: cache-fra-etou8220022-FRA
correlation-id: b19ffbcd31cd
traceparent: 00-00000000000000000000b19ffbcd31cd-8e595658604be247-01
x-timer: S1687892943.876145,VS0,VE196
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 ajax Show response
www.trustedsite.com/rpc/ Frame F23A 6 B
1003 B 569ms
189ms Script
text/javascript 54.244.31.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=give.marchofdimes.org&rand=1687892942854

Requested by

Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.31.99 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-31-99.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
server: Apache
x-trace: 2BE36D1BF7F320EDCFED7583A418DBD3565629321D000000000000000000
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
content-type: text/javascript; charset=utf-8
content-length: 26

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame B529
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=g1D6s1I5memL1n6VA4fpkhbko6Qrtrgs

0
337 B

70ms
48ms

Image
text/plain

34.254.148.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=g1D6s1I5memL1n6VA4fpkhbko6Qrtrgs
Protocol: H2
Server: 34.254.148.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-148-66.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: beacon-n012-dub-prod.krxd.net
date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1687892942
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=g1D6s1I5memL1n6VA4fpkhbko6Qrtrgs
date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 586529
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame AAA7
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=c5nEVNYwrU7uf_qm7E73_x21sFk694gv

35 B
267 B

391ms
118ms

Image
image/gif

3.19.254.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=c5nEVNYwrU7uf_qm7E73_x21sFk694gv
Protocol: H2
Server: 3.19.254.15 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-19-254-15.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:03 GMT
x-bt-requestid: 149279d0-151e-11ee-94b4-0000ac170325
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=c5nEVNYwrU7uf_qm7E73_x21sFk694gv
date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 942615
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame B529
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=qk71-4KhN37nQmg1g5_sKrEXi6gpptX7

35 B
268 B

389ms
114ms

Image
image/gif

3.19.254.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=qk71-4KhN37nQmg1g5_sKrEXi6gpptX7
Protocol: H2
Server: 3.19.254.15 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-19-254-15.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:03 GMT
x-bt-requestid: 149252c0-151e-11ee-83ff-0000ac170017
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=qk71-4KhN37nQmg1g5_sKrEXi6gpptX7
date: Tue, 27 Jun 2023 19:09:02 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 770099
content-length: 0

GET
H2 200 212.svg
cdn.ywxi.net/meter/give.marchofdimes.org/ Frame F23A 21 KB
9 KB 24ms
23ms Image
image/svg+xml 2600:9000:225e:f400:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.ywxi.net/meter/give.marchofdimes.org/212.svg?ts=1687794744477&l=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:f400:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

6e8f6b76132f1b9dfe46847a40f6bda5a9eb11e889663b16e63dfd65ff0e6fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:10:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 3511
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache: Hit from cloudfront
content-length: 7871
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-trace: 2B482E6F978998487ACA8B7059349045F866558F46000000000000000000
content-type: image/svg+xml
cache-control: public
x-amz-cf-id: CW4tHTQw6HfYUFL3hS-PjiGjuk6XexicBinasjDwPp2uHCscjorioA==
expires: Tue, 27 Jun 2023 19:10:32 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame F23A 0
15 B 29ms
20ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1621384747882069&ev=Microdata&dl=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2&rl=https%3A%2F%2Fwww.marchofdimes.org%2F&if=true&ts=1687892943562&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22March%20of%20Dimes%20Donation%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.109&r=stable&ec=1&o=30&fbp=fb.1.1687892940834.1140255831&it=1687892941662&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 19:09:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ Frame E23F 0
15 B 39ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=812396462484872&ev=Microdata&dl=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJHUz5mT5P8CFYfFsgod0eoJQQ%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Dgen%3Bord%3D2540812017259%3Bgtm%3D45He36q0%3Bauiddc%3D514555590.1687892940%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fgive.marchofdimes.org%252F%253FsrcCode%253DCCLGENEM2306CNT68727001%2526%25253Butm_source%253Dmodemail%2526%25253Butm_medium%253Demail%2526%25253Butm_campaign%253D2023oth%2526%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2%2526DonationFormId%253D241%2526urlReferer%253Dhttps%25253A%25252F%25252Fwww.marchofdimes.org%25252Fsupport-email%25253FsrcCode%25253DCCLGENEM2306CNT68727001%252526amp%2525253Butm_source%25253Dmodemail%252526amp%2525253Butm_medium%25253Demail%252526amp%2525253Butm_campaign%25253D2023oth%252526amp%2525253Butm_content%25253Dem-loc-txho-2023oth-texas-heb-campaign2%3F&rl=https%3A%2F%2Fgive.marchofdimes.org%2F&if=true&ts=1687892943761&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.109&r=stable&ec=1&o=30&it=1687892942144&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8832015.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 19:09:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 204 unip Show response
trc-events.taboola.com/1335104/log/3/ 0
250 B 28ms
28ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1335104/log/3/unip?en=pre_d_eng_tb&tos=4579&scd=0&ssd=1&est=1687892940678&ver=36&isls=true&src=i&invt=3000&msa=356&rv=1&tim=1687892945258&vi=1687892940675&ri=27e3554ce0d851942ad7109305ee853f&ref=null&cv=20230625-3-RELEASE&item-url=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.marchofdimes.org
pragma: no-cache
date: Tue, 27 Jun 2023 19:09:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H3 204 collect
region1.google-analytics.com/g/ Frame F23A 0
17 B 29ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je36q0&_p=640304719&cid=1519028990.1687892941&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1687892940&sct=1&seg=1&dl=https%3A%2F%2Fgive.marchofdimes.org%2F%3FsrcCode%3DCCLGENEM2306CNT68727001%26%253Butm_source%3Dmodemail%26%253Butm_medium%3Demail%26%253Butm_campaign%3D2023oth%26%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2%26DonationFormId%3D241%26urlReferer%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fsupport-email%253FsrcCode%253DCCLGENEM2306CNT68727001%2526amp%25253Butm_source%253Dmodemail%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253D2023oth%2526amp%25253Butm_content%253Dem-loc-txho-2023oth-texas-heb-campaign2&dr=https%3A%2F%2Fwww.marchofdimes.org%2F&dt=March%20of%20Dimes%20Donation&en=scroll&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.marchofdimes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 19:09:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.marchofdimes.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

83 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.marchofdimes.org/	1970-01-20 12:52:59	Name: df5remind Value: https://www.marchofdimes.org/support-email?srcCode=CCLGENEM2306CNT68727001&amp%3Butm_source=modemail&amp%3Butm_medium=email&amp%3Butm_campaign=2023oth&amp%3Butm_content=em-loc-txho-2023oth-texas-heb-campaign2
.marchofdimes.org/	1970-01-20 15:01:08	Name: _gcl_au Value: 1.1.514555590.1687892940
.www.marchofdimes.org/	1970-01-20 21:37:08	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Tue+Jun+27+2023+19%3A09%3A00+GMT%2B0000+(GMT)&version=5.13.0&landingPath=https%3A%2F%2Fwww.marchofdimes.org%2Fsupport-email%3FsrcCode%3DCCLGENEM2306CNT68727001%26amp%253Butm_source%3Dmodemail%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3D2023oth%26amp%253Butm_content%3Dem-loc-txho-2023oth-texas-heb-campaign2&groups=C0003%3A1%2CC0001%3A1%2CC0002%3A1%2CC0004%3A1&hosts=
.marchofdimes.org/	1970-01-20 12:52:59	Name: _gid Value: GA1.2.1929714967.1687892941
.marchofdimes.org/	1970-01-20 12:51:33	Name: _gat_UA-219864-60 Value: 1
.doubleclick.net/	1970-01-20 22:13:08	Name: IDE Value: AHWqTUnZR02tNGV33Gt0jpWhManuY7LDrntVLnaFlrPt-XwlLgcQBusaYv8BmE70HcU
.tiktok.com/	1970-01-20 22:13:08	Name: _ttp Value: 2RnjrtZFBFrBQl3Es2QGLSrb70n
.bing.com/	1970-01-20 22:13:08	Name: MUID Value: 00BBA59E55516C710980B6A354FD6DB2
.marchofdimes.org/	1970-01-20 15:01:08	Name: _fbp Value: fb.1.1687892940834.1140255831
.quantserve.com/	1970-01-20 22:21:47	Name: mc Value: 649b33cc-d56a0-2735a-af2f2
.marchofdimes.org/	1970-01-20 22:13:08	Name: _tt_enable_cookie Value: 1
.marchofdimes.org/	1970-01-20 22:13:08	Name: _ttp Value: NvPIGbBr9-N9PaQov3A6C-eD4SJ
www.marchofdimes.org/	1970-01-20 12:52:59	Name: ln_or Value: eyIzNDQ2Mjk3IjoiZCJ9
.marchofdimes.org/	1970-01-20 22:16:01	Name: __qca Value: P0-710149565-1687892940672
.acuityplatform.com/	1970-01-20 21:37:08	Name: auid Value: 794645753824
.linkedin.com/	1970-01-20 15:01:08	Name: li_sugr Value: 5dac3a18-61f2-4382-9b3c-22381f91bb82
.linkedin.com/	1970-01-20 21:37:08	Name: bcookie Value: "v=2&139bbae5-5552-4db1-8ef7-8d9b88349657"
.linkedin.com/	1970-01-20 12:52:59	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2966:u=1:x=1:i=1687892940:t=1687979340:v=2:sig=AQEMfRW0yL9mNtGlM38X8h_CjIVzh8RQ"
.criteo.com/	1970-01-20 22:13:08	Name: uid Value: e4f860ea-8a41-4d35-a8e9-658b40ee693a
.linkedin.com/	1970-01-20 13:34:44	Name: UserMatchHistory Value: AQI5XGZCrRQucwAAAYj-Qlk8BwnWiI_XtHazcU0ehxj-SbjVYsll_ctGIU_u7RI05uvtmm9Zm4fAgA
.linkedin.com/	1970-01-20 13:34:44	Name: AnalyticsSyncHistory Value: AQK29JB-FDMOfwAAAYj-Qlk8hiFa5ToIsSBlIusLWu0LDsJkb97AdEeMtIReqI8BGzr6CDdAYr1u9Rd71WJBaQ
.www.linkedin.com/	1970-01-20 21:37:08	Name: bscookie Value: "v=1&20230627190901a9d52722-b508-4784-8d48-535d4657a427AQGs1plStvx0jzmA8WRop2lpfgxuJyQ4"
.linkedin.com/	1970-01-20 17:10:44	Name: li_gc Value: MTswOzE2ODc4OTI5NDE7MjswMjH9KwmGp7UKHtBe6/IyKoQUurde1trluPUC4L260l1zmw==
.marchofdimes.org/	1970-01-20 12:51:33	Name: _gat_gtag_UA_219864_1 Value: 1
.marchofdimes.org/	1970-01-20 22:27:32	Name: _ga Value: GA1.1.1519028990.1687892941
.marchofdimes.org/	1970-01-20 12:52:59	Name: _uetsid Value: 13057570151e11ee84fb6b39c805288c
.marchofdimes.org/	1970-01-20 22:13:08	Name: _uetvid Value: 1305bd40151e11eeb15edb80f7d71b78
.marchofdimes.org/	1970-01-20 22:27:32	Name: _ga_0DRBVSJJB1 Value: GS1.1.1687892940.1.1.1687892941.0.0.0
give.marchofdimes.org/	1970-01-20 12:52:59	Name: language Value: en_US
give.marchofdimes.org/	1969-12-31 23:59:59	Name: amazon-pay-connectedAuth Value: connectedAuth_general
give.marchofdimes.org/	1970-01-20 12:52:59	Name: ln_or Value: eyIzNDQ2Mjk3IjoiZCJ9
.amazon.com/	1970-01-20 21:37:08	Name: session-token Value: "Nu/RHUYR2WYFRx16OOYLz1TuD6Iz4v1jluptoWreaMWcKZOtGLTgzQC/n/ah2KNCX3kmTzH7ZN0gKRgQ3kIe7hs4DP2H4ZAa8gwptYRMwqsxkVWLWX5oXq5bVSu3HRDRgFhdgrW4t8WFWCI7JXrsZuYRWBZLrCLkRKdE8SjMczDUY7LVrOwEF8NLBZm+X3+N3mMyZsr1EMi1W6VfY04Rzw=="
.amazon.com/	1970-01-20 21:37:08	Name: session-id Value: 132-4104467-3544531
.amazon.com/	1970-01-20 21:37:08	Name: session-id-time Value: 2082758400
.amazon.com/	1970-01-20 21:37:08	Name: session-id-apay Value: 132-4104467-3544531
give.marchofdimes.org/	1970-01-20 12:52:59	Name: apay-session-set Value: ISiOZqHk5SQPsCSCtM%2FgdWPZbbnvkbLLRwPsW3VbmjgFml1Fq8xpxomFvdcB4Q0%3D
.acuityplatform.com/	1970-01-20 21:37:08	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBNjT6jXVzZXJNYXRjaGluZ0lkJAKAkWxhc3REcm9wVGltZU1pbGxpcyUBRD9IJWu8mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMhj3RoaXJkUGFydHlVc2VySWQh+4IxMjj6QiQEgEMlAUQ/SCVrvEQhRSH7gTE3+kIkokMlAUQ/SCVrvEQhRSH7gDL6QsRDJQFEP0gla7xEIUUh+4IxMTT6QiQDpEMlAUQ/SCVrvEQhRSH7gDT6QshDJQFEP0gla7xEIUUh+4IxMDH6QiQDikMlAUQ/SCVrvEQhRSH7gTcw+kIkAoxDJQFEP0gla7xEIUUh+4IxMDX6QiQDkkMlAUQ/SCVrvEQhRSH7gTI3+kIktkMlAUQ/SCVrvEQhRSH7+4Z2ZXJzaW9uwvs="
.bidswitch.net/	1970-01-20 21:37:08	Name: tuuid Value: 6ef01bf4-6e69-4e4a-ac1c-44cc403fea99
.bidswitch.net/	1970-01-20 21:37:08	Name: c Value: 1687892942
.bidswitch.net/	1970-01-20 21:37:08	Name: tuuid_lu Value: 1687892942
.adnxs.com/	1970-01-20 15:01:08	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2C%yw9>Ik!]tbPl@/D!9hy6]/Cr+l4J.br7n=+'dpNIn3ZrDK.B$C4Y/#xXky^_f.SdKi_golAC2]R35gZiObpRzqF1`bd'v-%/`
.adnxs.com/	1970-01-20 15:01:08	Name: uuid2 Value: 3003998535865391893
.media.net/	1970-01-20 21:37:08	Name: visitor-id Value: 3308945428280469000V10
.media.net/	1970-01-20 13:34:44	Name: data-c-ts Value: 1687892942
.media.net/	1970-01-20 13:34:44	Name: data-c Value: k-X4fg7mhInH8tgqTsF0fYkXyobCMUbuHltxFo0Q~~3
.advertising.com/	1970-01-20 21:37:30	Name: A3 Value: d=AQABBM4zm2QCED6et2ho8OCmVoaGYuCix9sFEgEBAQGFnGSlZOAXyiMA_eMAAA&S=AQAAAt6tiiLlhDaPy_uK0rEvBAI
.tapad.com/	1970-01-20 14:17:56	Name: TapAd_TS Value: 1687892942345
.tapad.com/	1970-01-20 14:17:56	Name: TapAd_DID Value: 96308d54-bc72-4b54-bda5-59aa45f06ee1
.id5-sync.com/	1970-01-20 12:51:33	Name: cf Value:
.id5-sync.com/	1970-01-20 12:51:33	Name: cip Value:
.id5-sync.com/	1970-01-20 12:51:33	Name: cnac Value:
.id5-sync.com/	1970-01-20 12:51:33	Name: car Value:
.id5-sync.com/	1970-01-20 12:51:33	Name: gdpr Value:
.id5-sync.com/	1970-01-20 12:51:33	Name: callback Value:
.agkn.com/	1970-01-20 21:37:08	Name: ab Value: 0001%3ABScmMJfGRZIolyqbv5cKbwmZA6M6c4rU
.casalemedia.com/	1970-01-20 21:37:08	Name: CMID Value: ZJszzlva.1APlNRotAXDrAAA
.casalemedia.com/	1970-01-20 15:01:08	Name: CMPS Value: 5210
.casalemedia.com/	1970-01-20 15:01:08	Name: CMPRO Value: 5210
.demdex.net/	1970-01-20 17:10:44	Name: demdex Value: 27007666838831291792813391914421436209
exchange.mediavine.com/	1970-01-20 13:11:42	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22140a0ff0-151e-11ee-9f34-9df2c1c23238%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:11:42	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22140a0ff0-151e-11ee-9f34-9df2c1c23238%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:11:42	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22140a0ff0-151e-11ee-9f34-9df2c1c23238%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:11:42	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22140a0ff0-151e-11ee-9f34-9df2c1c23238%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:11:42	Name: criteo Value: %7B%22id%22%3A%22k-r12E8GhInH8tgqTsF0fYkXyobCOvPv5N0vihBA%22%2C%22version%22%3A%22criteo%22%7D
.tapad.com/	1970-01-20 14:17:56	Name: TapAd_3WAY_SYNCS Value:
.360yield.com/	1970-01-20 15:01:08	Name: tuuid Value: b4af3c9d-ea62-4871-9f06-5f456a827760
.360yield.com/	1970-01-20 15:01:08	Name: tuuid_lu Value: 1687892942
.pubmatic.com/	1970-01-20 13:34:44	Name: KRTBCOOKIE_97 Value: 3385-uid:k-zGN7fmhInH8tgqTsF0fYkXyobCPdCraPr8ojug&KRTB&23144-uid:k-zGN7fmhInH8tgqTsF0fYkXyobCPdCraPr8ojug&KRTB&23286-uid:k-zGN7fmhInH8tgqTsF0fYkXyobCPdCraPr8ojug&KRTB&23287-uid:k-zGN7fmhInH8tgqTsF0fYkXyobCPdCraPr8ojug
.dpm.demdex.net/	1970-01-20 17:10:44	Name: dpm Value: 27007666838831291792813391914421436209
widgets.guidestar.org/	1970-01-20 13:01:37	Name: AWSALBCORS Value: 8ZYJsKPUZuJzOBcyfhCs59EmR3eatwPWiSVfy2N45BgSJyrJJEVZNWNwfjAJGhhlMRwWI1h6AidNNM9hGeCs5hJRXD/SIh9MKpMAMDePWQOtiXpvJIUnMXMHR1sz
.360yield.com/	1970-01-20 15:01:08	Name: umeh Value: !38,0,1750100942,-1
.tremorhub.com/	1970-01-20 13:34:44	Name: tv_UICR Value: k-Kkv1aGhInH8tgqTsF0fYkXyobCNBFxtnGP0IkQ
match.sharethrough.com/	1970-01-20 13:01:37	Name: AWSALBCORS Value: 00lwGonnjRk3Tjjnr8bxe8WiyRalnsxmPlQ4lKTx0zG/KXIOaDr2VxhqYMhw2csOnUmTNlHdux3EZkLihZiiolaPs8rZ/b7uvxGdNg/zsMmI9nGeMNakjWRZgBB5
.pubmatic.com/	1970-01-20 13:34:44	Name: PugT Value: 1687892941
.360yield.com/	1970-01-20 15:01:08	Name: um Value: !38,sx-2r8itPEW0-8za7QkSuDIspviOl.hMv0wUoUIqMRm4jN1z-Ny3rThIHFSV9PI-WXQk-zcW,1695668942
.tremorhub.com/	1970-01-20 21:37:29	Name: tvid Value: 79feee935c6747d2a916fec9e8962e63
give.marchofdimes.org/	1970-01-20 12:52:59	Name: trustedsite_visit Value: 1
give.marchofdimes.org/	1970-01-20 12:51:33	Name: trustedsite_tm_float_seen Value: 1
.krxd.net/	1970-01-20 17:10:44	Name: _kuid_ Value: PpBBc2aC
.c.paypal.com/	1970-01-20 22:27:32	Name: sc_f Value: dI--a-LuEZ7lfHh5cbY1VcHDYnfnGmM7TK0jtEEACK7UWayXnYqgEQYo0YT4uqljj93pjSDa33VtslptqFAZYI5NOoKuILTQJghLCm
.paypal.com/	1970-01-20 22:27:32	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: Bv-V2S4NvP1y8nYaB6YD7PnuUU37QvOXe_c5ykF_7NSpt5NX-3B_kYTyr_kNY3VLB84UoCBEcStoqVzy
.paypal.com/	1970-01-20 12:51:34	Name: l7_az Value: dcg02.phx
www.trustedsite.com/	1970-01-20 13:01:37	Name: AWSALBCORS Value: w3Yd0Yx4PF8/kfySoMxRpDhZMTIfPZF/Ke0ZxypZDvm2Qwz7XLOF6BTtzDoENSGC8/eYPK+1AYOYOayDD7G5MuFybesUJHmPgssUOz79VozsFXb3NLdfMO1ZSFjP

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=124471048499? Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=124471048499?(Line 142) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=328360088865? Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=328360088865?(Line 142) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1335104/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://give.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1335104/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8832015.fls.doubleclick.net
a.twiago.com
aa.agkn.com
ad.360yield.com
ad.doubleclick.net
ad.yieldlab.net
adservice.google.com
analytics.tiktok.com
apay-us.amazon.com
assets.braintreegateway.com
b.stats.paypal.com
bat.bing.com
beacon.krxd.net
c.paypal.com
c6.paypal.com
cdn.cookielaw.org
cdn.linkedin.oribi.io
cdn.taboola.com
cdn.ywxi.net
ce.lijit.com
client-analytics.braintreegateway.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d2ldlvi1yef00y.cloudfront.net
dis.criteo.com
doublethedonation.com
dpm.demdex.net
dub.stats.paypal.com
dynamic.criteo.com
e.acuityplatform.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
give.marchofdimes.org
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
insight.adsrvr.org
js.adsrvr.org
js.braintreegateway.com
maps.googleapis.com
maps.gstatic.com
match.sharethrough.com
matching.ivitrack.com
maxcdn.bootstrapcdn.com
mug.criteo.com
origin.acuityplatform.com
pagead2.googlesyndication.com
payments.amazon.com
payments.braintree-api.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
px.adentifi.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.thebrighttag.com
s3-us-west-2.amazonaws.com
secure.adnxs.com
secure.quantserve.com
simage2.pubmatic.com
snap.licdn.com
ssl.kaptcha.com
sslwidget.criteo.com
static-na.payments-amazon.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
trc-events.taboola.com
trc.taboola.com
ums.acuityplatform.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
widgets.guidestar.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.marchofdimes.org
www.trustedsite.com
x.bidswitch.net
104.22.54.118
108.138.40.116
13.107.42.14
13.248.245.213
141.226.228.48
142.250.184.194
142.250.185.194
142.250.186.134
142.250.186.38
15.197.193.217
151.101.1.35
151.101.2.133
151.101.65.44
154.59.122.79
154.59.122.94
162.19.138.83
178.250.7.11
178.250.7.13
18.192.33.2
18.194.136.210
18.203.90.154
18.66.112.116
185.255.84.153
185.64.190.80
185.80.39.216
185.86.138.152
2.22.155.103
2001:4860:4802:32::36
216.52.2.39
23.12.140.42
23.218.208.23
23.32.185.35
23.38.98.111
23.96.109.67
2600:1f18:612b:4200:f677:2600:2836:f912
2600:9000:2171:4200:2:53b2:240:93a1
2600:9000:218d:ea00:14:4f74:f880:21
2600:9000:219c:4800:6:44e3:f8c0:93a1
2600:9000:225e:f400:14:6bfc:5740:93a1
2606:4700:10::6816:4345
2606:4700::6810:3965
2606:4700::6812:a972
2606:4700::6812:acf
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::200a
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c07::9b
2a02:2638:d::10
2a02:2638:d::d
2a02:26f0:780::210:a40a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.125.198.113
3.19.254.15
3.248.97.165
3.75.62.37
34.111.113.62
34.117.157.22
34.254.148.66
35.156.192.184
35.81.31.24
37.157.2.234
37.252.171.53
37.252.172.123
44.199.66.14
44.215.136.84
44.215.137.250
52.218.153.120
52.58.191.52
54.244.31.99
64.4.245.84
69.173.144.165
70.42.32.95
74.119.119.150
76.223.13.31
85.215.5.31
99.81.116.28
005097a39215fa44239fbe7b24acae9d697d5a45d75e5fe4b06158ab2a96812b
019696b175f8558a9f629b596b30b4715bf1219fbee3e3588dbacfb1582df84c
095fb25d29399504a5c9280cc7295e5f26b23c859144818c6e3c06d3493c5935
0aff8a1e641d72c728bec643e782313aadccafabfc6aa00a1e804e8ac1564c80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc1033bf8560f3163075c711d0ae90b5d01918c85bbd5a7f79badfd82a4cda7
0d375a8163b7d3e9425aed94e2f407f4650c2cde7737cbabe02a0be0d4782835
0e39929df145bda156a8abe9a54286626f6b480e34c52760559ce3fd8a051bde
116448ff3191f74560d6d91c76cebc18ec741564aa62d5c6f8bdf8f611e8a2b7
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
162692cee65928b3636189ce96876a1634e775c2ae219bdb100cb2580cba323e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ba5287a919753a8fdb18929f1e3e7f6ccc31154169d254872080d11a9b1c4ee
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e4043169cb0bc5b7cdbe78638b243ac3934ed38751b18d2fa4952ef04ea73cc
2068180eec07868589bf9b3fddf8e0dd0b2eb00929ca984ed104d7510b57d6b5
20a78167d8c88d7e1d3917f78d9e664a4693b384f294fbaa496283f7656c7dce
218b91569ad8f0a5cf1aba89f3957966ecffb7b5852ca25b709bd8f887a00c90
21f7167ab74ead6a6e3489d9b9fba5d85d81ccab4acc32c6903f46be4e0595df
222f8d607f65910837fbcc42a3e993b770affdcba363b250608f5f269b7fcc05
24049fb41335d87d82a9faea10cf9aa2a0ef868037667b029d2953a940cdf67b
25a26a31ffe8b00b9f7b84305ebb06c50376ad33265161f71ccf908604988a92
273864e396444efd398ccb68526eb4ef857069268dba59d4c93d877622935e30
2814a34f1184ab0e0dfc495e46f676abe9585ca699fd8300412148952941f914
2a551c6a84e41383c61251d498656509ca2609cf7e5d54a8ed4c8c6df97c3d00
2a79623b8606d1583bada494ecdaac61b10440ba7a0da23185892f9d86f172dc
2aa9b0ccf31fe34e187c3b09bec7e9d8fccdeb48a5b2223d9f80df2a8790a6af
2bd6c30a523ce8b33d96dc79b1d759b5d5634740ae76aa6557e2d3741082e067
2c641f36cf42ebcbd2c1a23581780e3bd1bc6060af1f5fd43d461c6469555fdb
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
353484e3a51f2cf2d22c7070946173bc5c3d029d43a684871f31d0805e5cffaa
38a98855add87ceae220cdceb1bc4e75e6c5c05346bbedea09279c03043297f2
3cff36c67fc608c179327a174466fe59d3e21d06e9ea77b3edb15a921d39fff2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
420a436e0e9e1c48a2f9ce50b59fdb2b805d0274cc20fa569fd1726c4dbf90e9
42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63
4388358f8e4ced0256b18ac97d008fee4081daa03fe7dd685a3104ee936706d2
4462f68bec53559778a381c9a628e47f599fee85049e410cea985b1441195eb9
4471ccb98d7627f19e1fd997e5562b4be936baf86b6597eb63330c6843fc59c1
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4a178a5ba89f0baefd5f0b232176cc937b3ede428518c5df3c7f572bb4dd116f
4aa2fdddfcb25552a1713673a954bc864de1a7b22dc0ebe664fe8ddb6bcb21ee
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c73ae3eda72c7eef8b13c75031180df1d81626dec2a68a846094d697fec3546
4d663da5e7f6fe773fda5fe642d04a71cd988f1132b343edb5be914d44a1f534
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50afc1962e4dc0407de9a4a19fe336d29ef2743f2cc8993dd423e24fd5b8b0b6
52142e0671ba7294da28434e2a92636b8848c1fe284fe09543c4e8f7e4716d11
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56eb51f442500d8710358085003c47bc980cc6c6b6bf2b8213e61a2c4c31cfd7
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b4c7042a57a39f59df8370a0d2398e2211dbf58ce616e06fef0ad99d17cec43
5cc76e7f5b027b2566d97e2701af7b605a376c4a0487302d2634bbceb67eb349
5fbdec47eb761902c4f7d14ccd5a3b97bbaca6a18d485482157fff7f97684d3d
60545e054ec3ed32276ff337a4775973165502a5d7420dcbe0c7c3c1e3136d6b
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
64cae89b6c2ab73f33edcae25c24da5139acbed135bc45fa8a749e8d70ab1ccc
6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
681400e2ba68a73327a805f12f47e7fa483cc1df3612679a71c0fec0e8783e01
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d5857cb0026f4dd1c5ba50512170f95aaf432d517b92054a50ed42f246f23ff
6da677b1bb2132071aca775218b2b5c6e866265548c07212bbab1f1a0931fc77
6daf092c820d6323f36c5ddad13658cf42a525808c69025cc3e7a36d76ab5508
6e00a2fbb9401ab03fa534d50a63f519be2c18e388874dc80a4e0ac7a233bad0
6e8f6b76132f1b9dfe46847a40f6bda5a9eb11e889663b16e63dfd65ff0e6fb8
7176a2935514018f4c12a99dccc108407f9f4bdd7c1be1a097cbec7a90fb7542
71a43dc553fa4925b60196b2fda0cada19776eebb337e8575ca375ca982b3aa4
759cbd9881e14214af52dfb585ccf70ea59037598b67cc9cf6df7d3fea7abfd0
75c911d121bdba9548b91e8a057bfae7edbebe988a7423821fc7d4c090c64b92
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
80e3c5b69da6c738af26cccbbf96cc8ce1eba1c739f89d5d009657f7c752a1a6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b6cc48703dca63f25b70917f613bab4813ee863b90c410e843a74e46fbaffa
852a7107c708f06318f8fe62b3ad715d9c1565aaa9158b1e36c62502c424ea7b
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
89cf66cb9de8da20fc15e9953845dd4d1de2c0fb465c827a09d818449222c533
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a744ef9126e93c5939bf1650bd7724ce0bfa3eba8f5b73909b88183c310e997
8ab6178ed23ee18aa7ea5b16f2114096645d98ab305ba16d290cb80e5dc9760a
8baad8c872e6151f0eebedff088050aa8570d12e30c5ba3e28c4b2cf0a104ebd
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b
8dae1882059d37ba7dfe1f0f26c9bb1e56d92fb6fe028654f7a19e3d53b49850
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e758310065d56c81731fadefacd48f77fe962456070bcd42b4fab78e044a69d
8f7e48b6a5d055df25a50eb84512d62923b17ed749e3aed5b4f8ed696e872a38
8fc17a517bcaafe39e7c2106483762f877897aa0c22ab9dd472c1cde12188626
90789cf404923195f08f27daaa525ac94d7a9f6dd009378bf9fc368e2fdbb2ae
9129237c4d569470449da6fde1c668779629f8a4d327d975cce8ac3fc5539f6d
92b6d5d686b85c9905af5ba1397d486466e0f313419e7971401e1ff9c31f1edc
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b1bc4c11b567ed69cf1e01acb69243f513163689eb0dfd33261ebd3692972bc
9c56f97c002513e5266bed356153984b1612bac56582f71f519180dac3c712d1
9ec3bd6685fcfcc08d6ea574d16db5da8622d5a713ce934ef443dc742330ab89
a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129
a0c564a67ef9dc6ca28115db91817440d33c76f21970cb1f00c40c328b4b6e94
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0d3e0e18f9afabf05b83afaed4afdc3f95b69753e0e4b8ec7b4d20b8570c05b
a20011c16fa082eeab9ba732b2d52ada4eef132e27d26621af5a4ee13dcb8b62
a2925ebc9df04ccd6394511af90bc09bf370d19e6797a2434459574d89a6797e
a3e14dbca1847744f583c829dc976f72f0480584a612b6787d11653768c11550
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
a4c9dcbc2a886326a35aebbb23d52ede5de4e5012008d3be27eaf2ba380b9864
a4dd6001dc8beb1bb3e0932080f9a89cea3b3f192e56109ee5d190c4700a223a
a6d5535eebc025b0ec950d3c1afbf12f0de0f37cdfd7b871caa667b5f62f0f6b
a96fb9133af4fc11be09fdd728b581747d02dc4f0ad430ef1b8eb1e01645d9ef
aabf437350f8ed211a46160abbbebd2367fcaacabd952f786c89c31e2a08a3fc
ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae
aec8d9188f95b588e43c5e1b0afdce5220b5fd187dba5d29f991951af932d26c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b410913850321efd333e39ddf1a5d49a433b29721126ec6d785f8f039e98bc32
b49e07c2de7c7bb53245e7747ab7cf2080de11d39f4cda1fb461c1dd66ec9bb9
b5bc7ed953506310e11e30be374ff8c3f4f4e57d4cf5a9265ee213156d70439f
b73c2239b5b0ae6e051cb135734dc2101aeaf9032dd6b2c29ce9679330fc0bd0
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
b81f50d6d819dd6d6aaf0cb6402329f0479c734ad2f0918eb9f8366b66f78c83
bad26f37947717a5b9564dd23d44644d869182f7f9830bf5fae2dd26c16fa021
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f6953bfef4bf57c6c9d2a0072cc24119035aff358fea199016b820d6277f3
bdf44a7473d1aa23ccedf8d377d7d4c2b549de4c0df53d2ba4cfe0b022f0ba68
bf45fd3c4708816fbbac1013a5eeae85fb6d6bdb95324886fac2ef5e2c220678
c3c193a2e64fe803deba1f8c52fbec46e6a2089c546d8b18dc1f9a56ec4ca692
c5592e4bf377aad2cc585d00bca880cc50008665fda6f3b257954de7ee33055a
c5a7657aa4539fa09d984d84433d76b6ba1cc9235af3ab52b421ffa886244388
c8a7d2de002bbd0a1053fd750fa6c4dc903415b32244ec071157ef2e9dfa5d8c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
ce3f999598bcb04783f0ef8836f18c1e0f70ff6ad26ed5d63c484115e337e4ae
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d00b70d04e112fc2ae5939e2a4d6fe832ff7cba155c1e132e1dbb6687560ca46
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1802297dea21b3e6a860ccb64dac092312598f1743b8b6b9dd6c30adb4bfe45
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dc3a842111f91bf38d5a6a85fd69ed843e8ecd8f4d390a6980f7fdd04c4a44c5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2717d806962fe1e4c9810ca869fb82c8bbd86638ca6787d01ff8c947c20df3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40fdfa3e1e2362f9e593cb750c61e60813c2126e54d020bba1ca349aeb58701
e739a94ded503457c8474ba4f648ecf57407f6d97638e67adabe221d1b761cd1
e944de09b6e048d89b1dff57baf718b2ac1dc0d273e55560decb4c82cc828c8f
eb9e92c450f398a4cf0f53ec551dd8a8c76007d5cb3cf79b87be7c18e8fdc95a
ebd6d32400095fb406e63e748a6a8451eb6cdefc0f57d5f3217de10fdc57b416
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eefe1e7d99ab4810bfb479ff54c275efb459b6ae9abfebfd221c4a518ead27d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2fb7017e6bc8245381dbd33baae80f504b44e14e61a9735939fb27fccb9ac1
f1535642f218c9e9f81c4ae8798a5a1b1ccd285b1dbb8013775b335d5a48d6da
f2f5cb21c545b0010b10a9bc7762a5376f5df10cd53aeb2db765d28afb109e9f
f312af48d9dcc5d90470fab6410aabb3b5dcb4c8aaf6e5bc4cdef61f614b9dcb
f32ce6ea4194bc7819267f4c17658ce465a5aeba7c4b9a4a188155045ab34e2e
f4278f19eb7d91370730413eb96da7a4ff47bd9e9897bc5c77287639958fa14c
f52e4e999a441c151183d77efd6dad3915e650409ea65b94b7e0fc067dcd0abd
f615ddda9de04dfef67271f735520d8a7d74380cc62ea0bdd0a184fbd798c8e7
f6cfb0d3d7be77e19468d1f315e892963adf4975af43084e66d25d5b6a7edce1
fd23ce5f4956ec9ea01e92dc40d7137c570dcb7f5b9d699d895b28a52eb9e175
fd3eec8037d2a554fa5cea4e654e265e908623e3ede0621cfb89f3aea6611386
fe1e14ed818338600a0af927ad7badc7369990f615747874ff5f50c86ab65a50
ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba

www.marchofdimes.org Open in urlscan Pro 2606:4700:10::6816:4345 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

303 Requests

91 %HTTPS

34 %IPv6

68 Domains

100 Subdomains

86 IPs

12 Countries

4498 kBTransfer

13420 kBSize

83 Cookies

10 Outgoing links

Page URL History

Redirected requests

303 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.marchofdimes.org Open in urlscan Pro
2606:4700:10::6816:4345 Public Scan

Screenshot
Live screenshot

Full Image

303
Requests

91 %
HTTPS

34 %
IPv6

68
Domains

100
Subdomains

86
IPs

12
Countries

4498 kB
Transfer

13420 kB
Size

83
Cookies

303 HTTP transactions
16 data transactions