yes-donate-form.mygenfcu.workers.dev Open in urlscan Pro
2606:4700:3032::6815:5493  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response yes-donate-form.mygenfcu.workers.dev/	995 B 824 B	168ms 123ms	Document text/html	2606:4700:3032::6815:5493 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yes-donate-form.mygenfcu.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:5493 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be6f45bbe09308b8049c129ffdce500c4aabfbda32c9287ba031a9339fa477a5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-ray 8b1b4c7f0c8518b9-FRA content-encoding br content-type text/html;charset=UTF-8 date Sun, 11 Aug 2024 21:25:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WLeOEv0whXYAbht6%2F3qtDwAZTgK%2F5npTZ1rGqBzOLRnlCw03h4v%2BelRM0%2BFJdemQ3ClNtS7PBsbYZVx1sPDx47gOJ64JgKpFwsnOYj7IW5hKVCf5YG8gHmjaW3kAtFYI5wlSU7AHQApwMQipTPsWh4qHABHh2INFlSupg9wANxhXMiI%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	css2 fonts.googleapis.com/	2 KB 934 B	92ms 33ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?display=swap&family=Public%20Sans%3Aital%2Cwght%400%2C100..900%3B1%2C100..900&subset=latin%2Clatin-ext Requested by Host: yes-donate-form.mygenfcu.workers.dev URL: https://yes-donate-form.mygenfcu.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash db78da3de8a762929e0b905b95696e8194b1d4ef2a2e55a9e4da21b2fa101cd2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://yes-donate-form.mygenfcu.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 11 Aug 2024 21:25:32 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 11 Aug 2024 19:51:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 11 Aug 2024 21:25:32 GMT
GET H2	200	donate-form.css cms.texasyesproject.org/wp-content/plugins/site-settings/	3 KB 2 KB	264ms 33ms	Stylesheet text/css	151.101.2.159 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cms.texasyesproject.org/wp-content/plugins/site-settings/donate-form.css Requested by Host: yes-donate-form.mygenfcu.workers.dev URL: https://yes-donate-form.mygenfcu.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.159 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Flywheel/5.1.0 / Resource Hash 2590cc9bb8ac04b173f6e568bf53df9f20930c47a05cc4c368459fd1cea0d191 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Referer https://yes-donate-form.mygenfcu.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-fw-static YES date Sun, 11 Aug 2024 21:25:33 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES x-fw-server Flywheel/5.1.0 x-cache MISS, HIT fastly-restarts 1 x-xss-protection 1 x-served-by cache-fra-etou8220033-FRA, cache-fra-etou8220108-FRA x-fw-type VISIT content-length 1115 referrer-policy no-referrer-when-downgrade last-modified Fri, 12 Jul 2024 21:51:12 GMT server Flywheel/5.1.0 x-timer S1723411533.007781,VS0,VE2 etag W/"6691a550-d90" x-fw-hash m66eddm30p x-fw-version 5.0.0 content-type text/css vary Accept-Encoding, Authorization x-fw-serve TRUE cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 0, 0
GET H/1.1	200 OK	31744.js Show response s3-us-west-2.amazonaws.com/bloomerang-public-cdn/sayes/.widget-js/	4 KB 5 KB	641ms 254ms	Script text/javascript	52.218.185.248 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3-us-west-2.amazonaws.com/bloomerang-public-cdn/sayes/.widget-js/31744.js Requested by Host: yes-donate-form.mygenfcu.workers.dev URL: https://yes-donate-form.mygenfcu.workers.dev/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.218.185.248 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash 94edd8261716e32778d1667b116773c641ac8420922b2b7ebe5bc654ac0290a5 Request headers Referer https://yes-donate-form.mygenfcu.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Sun, 11 Aug 2024 21:25:34 GMT x-amz-version-id NLgr95bVjKFATrRitpT9LQXn6fhnCBFz Last-Modified Wed, 17 Jul 2024 17:35:23 GMT Server AmazonS3 x-amz-request-id WFFQD5NY961VVSHM ETag "d729cd77c43dab9d14c9e241c70e8b78" x-amz-server-side-encryption AES256 Content-Type text/javascript Accept-Ranges bytes Content-Length 4366 x-amz-id-2 JR0co/Z6KSkMCBSJtfZqRReuHmnqKigDDLPmEO6Dq7ecw9I3jY2ZsF5ENMmrIer4aBcJFwS4KxQ=
GET H2	200	Bloomerang-v2.js Show response crm.bloomerang.co/Content/Scripts/Api/	111 KB 19 KB	863ms 391ms	Script application/javascript	52.37.154.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://crm.bloomerang.co/Content/Scripts/Api/Bloomerang-v2.js?nocache=1718376705 Requested by Host: s3-us-west-2.amazonaws.com URL: https://s3-us-west-2.amazonaws.com/bloomerang-public-cdn/sayes/.widget-js/31744.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.37.154.125 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-37-154-125.us-west-2.compute.amazonaws.com Software / Resource Hash 93d45f73714cac6bb6b2d73479363689558ae2a19f967946b7ca2a9458f9d572 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://yes-donate-form.mygenfcu.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 21:25:33 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 05 Aug 2024 20:21:42 GMT etag "0f931575e7da1:0" vary Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE, HEAD, OPTIONS content-type application/javascript accept-ranges bytes content-length 18780
GET H2	200	jquery-1.8.3.js Show response ajax.aspnetcdn.com/ajax/jQuery/	261 KB 102 KB	132ms 29ms	Script application/javascript	152.199.19.160 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.8.3.js Requested by Host: crm.bloomerang.co URL: https://crm.bloomerang.co/Content/Scripts/Api/Bloomerang-v2.js?nocache=1718376705 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.19.160 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4C97) / Resource Hash b79048269194de2a460e6b267695f420be996434fad12f90e3712a1c5b3b2544 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://yes-donate-form.mygenfcu.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 21:25:34 GMT content-encoding gzip x-content-type-options nosniff age 2679179 x-cache HIT content-length 104531 x-xss-protection 1; mode=block last-modified Mon, 31 Oct 2016 23:11:00 GMT server ECAcc (frc/4C97) etag "1c3899bcc33d21:0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	accounting.min.js Show response crm.bloomerang.co/Content/Scripts/Lib/	4 KB 2 KB	200ms 200ms	Script application/javascript	52.37.154.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://crm.bloomerang.co/Content/Scripts/Lib/accounting.min.js Requested by Host: crm.bloomerang.co URL: https://crm.bloomerang.co/Content/Scripts/Api/Bloomerang-v2.js?nocache=1718376705 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.37.154.125 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-37-154-125.us-west-2.compute.amazonaws.com Software / Resource Hash ec8e2929277658d918b53d1d03853d33efa78dbd89f3e4f2e08d7dfe0d330555 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://yes-donate-form.mygenfcu.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 21:25:34 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 27 Apr 2023 18:09:24 GMT etag "0e2a8653379d91:0" vary Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE, HEAD, OPTIONS content-type application/javascript accept-ranges bytes content-length 1625
GET H3	200	favicon.ico yes-donate-form.mygenfcu.workers.dev/	995 B 790 B	35ms 34ms	Other text/html	2606:4700:3032::6815:5493 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yes-donate-form.mygenfcu.workers.dev/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:5493 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be6f45bbe09308b8049c129ffdce500c4aabfbda32c9287ba031a9339fa477a5 Request headers Referer https://yes-donate-form.mygenfcu.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 21:25:34 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B5ka%2Fes1H0ij6N009Il3Og8CDUg7qU8TTMBqDJAWaBTWGo8%2FHyX5mlhj2UR5IT7LX3T8V7Cvr%2FfLFQvkGpD2FhITjkxoO8N6XMsdeoLb%2Fk1s%2FI3rPntAieyVGGEM86m1Gj9NxZBxSAgxjRJS95BtryuPv4NR6siR%2FLYS1ZF8zk0mHcI%3D"}],"group":"cf-nel","max_age":604800} content-type text/html;charset=UTF-8 cf-ray 8b1b4c8a8f6a18b9-FRA alt-svc h3=":443"; ma=86400
GET H2	200	jquery.validate.min.js Show response ajax.aspnetcdn.com/ajax/jquery.validate/1.9/	21 KB 6 KB	31ms 31ms	Script application/javascript	152.199.19.160 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.min.js Requested by Host: crm.bloomerang.co URL: https://crm.bloomerang.co/Content/Scripts/Api/Bloomerang-v2.js?nocache=1718376705 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.19.160 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4CBE) / Resource Hash a931d758e10b5f646f42e4b1100ee31b7ce4cdf5a86d59133424b65c8802788b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://yes-donate-form.mygenfcu.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 21:25:34 GMT content-encoding gzip x-content-type-options nosniff age 12159398 x-cache HIT content-length 6501 x-xss-protection 1; mode=block last-modified Mon, 31 Oct 2016 23:42:34 GMT server ECAcc (frc/4CBE) etag "011774d033d21:0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	additional-methods.min.js Show response ajax.aspnetcdn.com/ajax/jquery.validate/1.9/	8 KB 3 KB	31ms 31ms	Script application/javascript	152.199.19.160 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/additional-methods.min.js Requested by Host: crm.bloomerang.co URL: https://crm.bloomerang.co/Content/Scripts/Api/Bloomerang-v2.js?nocache=1718376705 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.19.160 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4C95) / Resource Hash 5dc21db9060b38405f2f273d05a0c2041b1ac23e7abcf171a36e0038f49f2f5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://yes-donate-form.mygenfcu.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 21:25:34 GMT content-encoding gzip x-content-type-options nosniff age 12159532 x-cache HIT content-length 2982 x-xss-protection 1; mode=block last-modified Mon, 31 Oct 2016 23:42:34 GMT server ECAcc (frc/4C95) etag "9ae64874d033d21:0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000 accept-ranges bytes timing-allow-origin *
POST H2	200	31744 Show response api.bloomerang.co/v1/Widget/	76 KB 77 KB	1068ms 1067ms	XHR application/json	52.43.216.220 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.bloomerang.co/v1/Widget/31744?ApiKey=pub_3535f619-38a4-11ea-8134-0ab2f2f28c00 Requested by Host: ajax.aspnetcdn.com URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.8.3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.43.216.220 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-43-216-220.us-west-2.compute.amazonaws.com Software / Resource Hash 20f4041481dafeab5bec436d6636799837358d40b32fcb7f7a859a77933f7708 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Referer https://yes-donate-form.mygenfcu.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers pragma no-cache date Sun, 11 Aug 2024 21:25:36 GMT x-correlation-id f6e9ddf4-2e16-4ae5-9d2a-946b98810667 strict-transport-security max-age=31536000 access-control-allow-methods POST,GET,PUT,DELETE,HEAD,OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-cache access-control-allow-headers Content-Type,Authorization,x-api-key content-length 78092 expires -1
OPTIONS H2	200	31744 api.bloomerang.co/v1/Widget/ Frame	0 0	745ms 325ms	Preflight	52.43.216.220 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.bloomerang.co/v1/Widget/31744?ApiKey=pub_3535f619-38a4-11ea-8134-0ab2f2f28c00 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.43.216.220 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-43-216-220.us-west-2.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://yes-donate-form.mygenfcu.workers.dev Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type,Authorization,x-api-key access-control-allow-methods POST,GET,PUT,DELETE,HEAD,OPTIONS access-control-allow-origin * cache-control no-cache content-length 0 date Sun, 11 Aug 2024 21:25:35 GMT expires -1 pragma no-cache strict-transport-security max-age=31536000
GET H2	200	/ Show response js.stripe.com/v3/	637 KB 156 KB	95ms 30ms	Script text/javascript	52.222.236.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: crm.bloomerang.co URL: https://crm.bloomerang.co/Content/Scripts/Api/Bloomerang-v2.js?nocache=1718376705 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-29.fra56.r.cloudfront.net Software Cloudfront / Resource Hash 7cd344c87b1ee30e4365d72d7c1cfd364771d612c14d2741840292cfc126ac88 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://yes-donate-form.mygenfcu.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 21:25:37 GMT content-encoding br via 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 11 x-amz-cf-pop FRA56-P4 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Sat, 10 Aug 2024 19:43:52 GMT server Cloudfront etag W/"ac763ef25f397140f139e3eb6124100c" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 timing-allow-origin * x-amz-cf-id vhlfafE4Ywn9oOOKkNrhkw2Z0zvPYT7JX3cH5BSkVSW_L0ZvH3OzKQ==
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 987 B	77ms 33ms	Script text/javascript	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=captchaLoadCallback&render=explicit Requested by Host: crm.bloomerang.co URL: https://crm.bloomerang.co/Content/Scripts/Api/Bloomerang-v2.js?nocache=1718376705 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e603b11bbb68df8cfdeee9f4c1ea6190ff22dda5c236dc79a5a4fd122aacd46c Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://yes-donate-form.mygenfcu.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 21:25:37 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Sun, 11 Aug 2024 21:25:37 GMT
GET H2	200	ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2 fonts.gstatic.com/s/publicsans/v15/	26 KB 26 KB	75ms 23ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/publicsans/v15/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?display=swap&family=Public%20Sans%3Aital%2Cwght%400%2C100..900%3B1%2C100..900&subset=latin%2Clatin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://yes-donate-form.mygenfcu.workers.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 14:56:25 GMT x-content-type-options nosniff age 455352 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26244 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:34:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 06 Aug 2025 14:56:25 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/	534 KB 213 KB	96ms 22ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=captchaLoadCallback&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e2c26febf7b51577d135dea6309dbbb01492c6e66dd157c3da5c7bdf293fc5f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yes-donate-form.mygenfcu.workers.dev/ Origin https://yes-donate-form.mygenfcu.workers.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 14:50:07 GMT content-encoding gzip x-content-type-options nosniff age 23730 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 217245 x-xss-protection 0 last-modified Tue, 06 Aug 2024 00:43:36 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 11 Aug 2025 14:50:07 GMT
GET H2	200	controller-with-preconnect-6b89a38d4a34ff9a097b22ae6e040170.html js.stripe.com/v3/ Frame CFEA	0 0	62ms 21ms	Document text/html	52.222.236.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-with-preconnect-6b89a38d4a34ff9a097b22ae6e040170.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-74.fra56.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://yes-donate-form.mygenfcu.workers.dev/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-origin * age 56 alt-svc h3=":443"; ma=86400 cache-control max-age=60, stale-while-revalidate=900 content-length 651 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sun, 11 Aug 2024 21:25:09 GMT etag "6b89a38d4a34ff9a097b22ae6e040170" last-modified Sat, 10 Aug 2024 19:01:33 GMT origin-agent-cluster ?1 server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront) x-amz-cf-id YKxhwLSfpJhxNY4Qqaa_1ujLJRmSkatl-4tiWX-iuqdvILHN00VuRA== x-amz-cf-pop FRA56-P4 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	elements-inner-card-bee7bfd52e473ffdac0a294b3d166e2f.html js.stripe.com/v3/ Frame BD72	0 0	63ms 28ms	Document text/html	52.222.236.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/elements-inner-card-bee7bfd52e473ffdac0a294b3d166e2f.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-74.fra56.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://yes-donate-form.mygenfcu.workers.dev/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers access-control-allow-origin * age 1103 alt-svc h3=":443"; ma=86400 cache-control max-age=31536000 content-encoding gzip content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sun, 11 Aug 2024 21:16:06 GMT etag W/"bee7bfd52e473ffdac0a294b3d166e2f" last-modified Sat, 10 Aug 2024 19:01:33 GMT origin-agent-cluster ?1 server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront) x-amz-cf-id HJH7BPxytS3gllPvT6cAgzRTdPsxbAhWd-DhAhw-zxl_U3U8zJAnhA== x-amz-cf-pop FRA56-P4 x-cache Hit from cloudfront x-content-type-options nosniff
GET H3	200	anchor www.google.com/recaptcha/api2/ Frame 7687	0 0	95ms 51ms	Document text/html	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfr5r4dAAAAAIpQj52AVF9y9WgZ0gM4KRrVgig8&co=aHR0cHM6Ly95ZXMtZG9uYXRlLWZvcm0ubXlnZW5mY3Uud29ya2Vycy5kZXY6NDQz&hl=de&v=_ZpyzC9NQw3gYt1GHTrnprhx&size=normal&cb=cyyj1174tv0u Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-bL9rxdy9GFngVhP0rKr6Ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://yes-donate-form.mygenfcu.workers.dev/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-bL9rxdy9GFngVhP0rKr6Ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 11 Aug 2024 21:25:37 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| bloomerangLoadStarted object| Bloomerang function| $ function| jQuery object| accounting function| toggleOtherAmountRequired function| collectPayment function| submitDonation function| captchaLoadCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| webpackChunkStripeJSouter function| noop function| Stripe object| recaptcha

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
api.bloomerang.co
cms.texasyesproject.org
crm.bloomerang.co
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
s3-us-west-2.amazonaws.com
www.google.com
www.gstatic.com
yes-donate-form.mygenfcu.workers.dev
151.101.2.159
152.199.19.160
2606:4700:3032::6815:5493
2a00:1450:4001:801::2004
2a00:1450:4001:802::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2003
52.218.185.248
52.222.236.29
52.222.236.74
52.37.154.125
52.43.216.220
20f4041481dafeab5bec436d6636799837358d40b32fcb7f7a859a77933f7708
2590cc9bb8ac04b173f6e568bf53df9f20930c47a05cc4c368459fd1cea0d191
3e2c26febf7b51577d135dea6309dbbb01492c6e66dd157c3da5c7bdf293fc5f
432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d
5dc21db9060b38405f2f273d05a0c2041b1ac23e7abcf171a36e0038f49f2f5a
7cd344c87b1ee30e4365d72d7c1cfd364771d612c14d2741840292cfc126ac88
93d45f73714cac6bb6b2d73479363689558ae2a19f967946b7ca2a9458f9d572
94edd8261716e32778d1667b116773c641ac8420922b2b7ebe5bc654ac0290a5
a931d758e10b5f646f42e4b1100ee31b7ce4cdf5a86d59133424b65c8802788b
b79048269194de2a460e6b267695f420be996434fad12f90e3712a1c5b3b2544
be6f45bbe09308b8049c129ffdce500c4aabfbda32c9287ba031a9339fa477a5
db78da3de8a762929e0b905b95696e8194b1d4ef2a2e55a9e4da21b2fa101cd2
e603b11bbb68df8cfdeee9f4c1ea6190ff22dda5c236dc79a5a4fd122aacd46c
ec8e2929277658d918b53d1d03853d33efa78dbd89f3e4f2e08d7dfe0d330555