urlscan.io logo urlscan.io
SecurityTrails logo

secure.nzf.org.uk Open in urlscan Pro
217.27.252.167  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://secure.nzf.org.uk/
Effective URL: https://secure.nzf.org.uk/
Submission: On April 20 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 46 IPs in 6 countries across 38 domains to perform 107 HTTP transactions. The main IP is 217.27.252.167, located in United Kingdom and belongs to POBOX-AS, GB. The main domain is secure.nzf.org.uk.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 22nd 2022. Valid for: a year.
This is the only time secure.nzf.org.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 217.27.252.167 29006 (POBOX-AS)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.250.209.96 16509 (AMAZON-02)
3 143.204.98.3 16509 (AMAZON-02)
1 35.241.14.239 15169 (GOOGLE)
1 108.157.4.19 16509 (AMAZON-02)
6 151.101.1.21 54113 (FASTLY)
1 2600:1901:0:4... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.128.65 54113 (FASTLY)
7 2a00:1450:400... 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 142.250.185.226 15169 (GOOGLE)
1 143.204.98.82 16509 (AMAZON-02)
1 65.9.63.11 16509 (AMAZON-02)
2 151.101.194.133 54113 (FASTLY)
2 151.101.193.35 54113 (FASTLY)
7 10 52.208.74.227 16509 (AMAZON-02)
1 143.204.98.33 16509 (AMAZON-02)
1 3 52.49.120.18 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 143.204.98.102 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 104.45.184.134 8075 (MICROSOFT...)
1 3 185.33.221.13 29990 (ASN-APPNEX)
2 104.244.42.195 13414 (TWITTER)
1 1 104.75.88.126 16625 (AKAMAI-AS)
1 34.226.73.205 14618 (AMAZON-AES)
1 2 18.156.0.31 16509 (AMAZON-02)
1 35.244.159.8 15169 (GOOGLE)
1 69.173.144.138 26667 (RUBICONPR...)
1 1 142.250.184.226 15169 (GOOGLE)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 199.232.188.157 54113 (FASTLY)
2 2620:116:800d... 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 34.107.173.171 15169 (GOOGLE)
2 54.186.23.98 16509 (AMAZON-02)
2 151.101.0.176 54113 (FASTLY)
1 104.244.42.5 13414 (TWITTER)
1 2600:9000:215... 16509 (AMAZON-02)
1 35.155.80.215 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.186.193.173 15169 (GOOGLE)
107 46
17    217.27.252.167 (United Kingdom)

ASN29006 (POBOX-AS, GB)
PTR: host-167-252-27-217.as29006.net
secure.nzf.org.uk
donation-api.nzf.org.uk
3    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    3.250.209.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: webservices.securetrading.net
webservices.securetrading.net
3    143.204.98.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-3.fra50.r.cloudfront.net
js.stripe.com
1    35.241.14.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.14.241.35.bc.googleusercontent.com
pay.gocardless.com
1    108.157.4.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-19.dus51.r.cloudfront.net
givematch.com
6    151.101.1.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    151.101.128.65 (United States)

ASN54113 (FASTLY, US)
tag.marinsm.com
7    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
1    143.204.98.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net
static.hotjar.com
1    65.9.63.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-11.fra56.r.cloudfront.net
cdn.audiencemanager.de
2    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
2    151.101.193.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
10    52.208.74.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-74-227.eu-west-1.compute.amazonaws.com
pixel-geo.prfct.co
1    143.204.98.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-33.fra50.r.cloudfront.net
script.hotjar.com
3    52.49.120.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-120-18.eu-west-1.compute.amazonaws.com
prf.audiencemanager.de
www.audiencemanager.de
3    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    143.204.98.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-102.fra50.r.cloudfront.net
vars.hotjar.com
2    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
4    104.45.184.134 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
a.clarity.ms
3    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com
cw.addthis.com
1    34.226.73.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-73-205.compute-1.amazonaws.com
pixel.prfct.co
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    34.107.173.171 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 171.173.107.34.bc.googleusercontent.com
consentag.eu
2    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
2    151.101.0.176 (United States)

ASN54113 (FASTLY, US)
m.stripe.network
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    2600:9000:2156:0:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    35.155.80.215 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-80-215.us-west-2.compute.amazonaws.com
m.stripe.com
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
i.ctnsnet.com
Apex Domain
Subdomains		 Transfer
17 nzf.org.uk
secure.nzf.org.uk
donation-api.nzf.org.uk
7 MB
11 prfct.co
pixel-geo.prfct.co — Cisco Umbrella Rank: 15817
pixel.prfct.co — Cisco Umbrella Rank: 15862
5 KB
8 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2500
t.paypal.com — Cisco Umbrella Rank: 3392
99 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
22 KB
6 clarity.ms
a.clarity.ms — Cisco Umbrella Rank: 2118
c.clarity.ms — Cisco Umbrella Rank: 637
24 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
5 KB
6 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1147
q.stripe.com — Cisco Umbrella Rank: 6870
m.stripe.com — Cisco Umbrella Rank: 1057
81 KB
5 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3132
978 B
5 google.com
www.google.com — Cisco Umbrella Rank: 4
978 B
4 audiencemanager.de
cdn.audiencemanager.de — Cisco Umbrella Rank: 154426
prf.audiencemanager.de — Cisco Umbrella Rank: 128146
www.audiencemanager.de — Cisco Umbrella Rank: 143504
4 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 378
c.bing.com — Cisco Umbrella Rank: 234
13 KB
3 consentag.eu
consentag.eu — Cisco Umbrella Rank: 38698
8 KB
3 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 438
3 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 621
script.hotjar.com — Cisco Umbrella Rank: 818
vars.hotjar.com — Cisco Umbrella Rank: 999
67 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 897
57 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 238
30 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
501 B
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1203
17 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
114 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 975
pixel.quantserve.com — Cisco Umbrella Rank: 423
10 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 300
576 B
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 524
554 B
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 1886
33 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
121 KB
1 ctnsnet.com
i.ctnsnet.com — Cisco Umbrella Rank: 4464
311 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 903
671 B
1 t.co
t.co — Cisco Umbrella Rank: 476
337 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 619
10 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 350
239 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 411
274 B
1 addthis.com
cw.addthis.com — Cisco Umbrella Rank: 1397
453 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 104
15 KB
1 marinsm.com
tag.marinsm.com — Cisco Umbrella Rank: 31040
4 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
996 B
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 2761
18 KB
1 givematch.com
givematch.com
6 KB
1 gocardless.com
pay.gocardless.com — Cisco Umbrella Rank: 710610
3 KB
1 securetrading.net
webservices.securetrading.net — Cisco Umbrella Rank: 473816
231 KB
107 38
Domain Requested by
13 secure.nzf.org.uk 1 redirects secure.nzf.org.uk
10 pixel-geo.prfct.co 7 redirects secure.nzf.org.uk
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
6 www.paypal.com secure.nzf.org.uk
www.paypal.com
www.paypalobjects.com
5 www.google.co.uk secure.nzf.org.uk
5 www.google.com secure.nzf.org.uk
4 a.clarity.ms bat.bing.com
a.clarity.ms
4 donation-api.nzf.org.uk secure.nzf.org.uk
3 consentag.eu www.googletagmanager.com
consentag.eu
cdnjs.cloudflare.com
3 secure.adnxs.com 1 redirects www.audiencemanager.de
3 googleads.g.doubleclick.net www.googleadservices.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
secure.nzf.org.uk
3 js.stripe.com secure.nzf.org.uk
js.stripe.com
3 unpkg.com 1 redirects secure.nzf.org.uk
unpkg.com
2 cdnjs.cloudflare.com consentag.eu
2 www.facebook.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 q.stripe.com secure.nzf.org.uk
2 connect.facebook.net secure.nzf.org.uk
connect.facebook.net
2 c.clarity.ms 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 analytics.twitter.com
2 stats.g.doubleclick.net www.google-analytics.com
2 prf.audiencemanager.de 1 redirects secure.nzf.org.uk
2 t.paypal.com secure.nzf.org.uk
2 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
2 www.googletagmanager.com secure.nzf.org.uk
1 i.ctnsnet.com consentag.eu
1 pixel.quantserve.com
1 m.stripe.com m.stripe.network
1 rules.quantcount.com secure.quantserve.com
1 t.co
1 secure.quantserve.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 c.bing.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 pixel.rubiconproject.com
1 us-u.openx.net
1 pixel.prfct.co
1 cw.addthis.com 1 redirects
1 www.audiencemanager.de prf.audiencemanager.de
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 cdn.audiencemanager.de www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 tag.marinsm.com www.googletagmanager.com
1 fonts.googleapis.com givematch.com
1 cdn.mxpnl.com givematch.com
1 givematch.com secure.nzf.org.uk
1 pay.gocardless.com secure.nzf.org.uk
1 webservices.securetrading.net secure.nzf.org.uk
107 52

This site contains no links.

Subject Issuer Validity Valid
*.nzf.org.uk
Go Daddy Secure Certificate Authority - G2		 2022-01-22 -
2023-02-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-02 -
2022-07-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
webservices.securetrading.net
GeoTrust RSA CA 2018		 2022-04-13 -
2023-04-13		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-19 -
2022-08-05		 4 months crt.sh
*.gocardless.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-03 -
2023-02-10		 a year crt.sh
givematch.com
Amazon		 2021-09-28 -
2022-10-27		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-12 -
2023-04-12		 a year crt.sh
*.mxpnl.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-07-15 -
2022-07-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
tag.marinsm.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.audiencemanager.de
Go Daddy Secure Certificate Authority - G2		 2021-10-11 -
2022-09-13		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-03-04 -
2022-11-23		 9 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
*.prfct.co
Sectigo RSA Domain Validation Secure Server CA		 2021-11-02 -
2022-11-02		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-27 -
2022-04-27		 3 months crt.sh
consentag.eu
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-15 -
2022-07-16		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2022-06-09		 3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-31 -
2022-10-30		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-13 -
2022-12-12		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-11 -
2022-08-03		 4 months crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2021-10-27 -
2022-11-27		 a year crt.sh

This page contains 7 frames:

Primary Page: https://secure.nzf.org.uk/
Frame ID: DD95A3F62C21F5507BA603E0ABA96CAA
Requests: 89 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: B7D7CE42BFE0181C17E56C97ADAC44EA
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Frame ID: 0076C1534B63069FC99BFA3343B44C75
Requests: 1 HTTP requests in this frame

Frame: https://www.audiencemanager.de/log/profile/get-piggybacks?pid=6086d04620899c5956708977&requesterId=5378d162602929d932c493122711474485564&cookieId=5d7422a9a30fbf46d19bf60c4b699f749fe43e27bdd39bf934e539a6eb8ac3f2
Frame ID: 22661F87BF248D40EE9CB263C4C322BD
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
Frame ID: 39417EBD7B70F6B942CD3D07CCFA373C
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 8747B9E5CB8D7A431500A74DFC488522
Requests: 4 HTTP requests in this frame

Frame: https://consentag.eu/public/3.0.1/popup_silent.html
Frame ID: 6EBB8F2C7D807C150647AD8DD877F8A5
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NZF

Page URL History Show full URLs

  1. http://secure.nzf.org.uk/ HTTP 301
    https://secure.nzf.org.uk/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mustache(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • <(?:iframe|img)[^>]+adnxs\.(?:net|com)
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

107
Requests

90 %
HTTPS

31 %
IPv6

38
Domains

52
Subdomains

46
IPs

6
Countries

8275 kB
Transfer

10457 kB
Size

58
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://secure.nzf.org.uk/ HTTP 301
    https://secure.nzf.org.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2?v=4.5.9-1 HTTP 302
  • https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2
Request Chain 35
  • https://pixel-geo.prfct.co/tagjs?a_id=58551&source=js_tag HTTP 302
  • https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=58551&source=js_tag
Request Chain 42
  • https://prf.audiencemanager.de/log/profile/user-match?type=js&pid=6086d04620899c5956708977&referer=aHR0cHM6Ly9zZWN1cmUubnpmLm9yZy51ay8=&oreferer=&lsUserId=null HTTP 307
  • https://prf.audiencemanager.de/log/profile/user-match?lsUserId=null&oreferer=&pid=6086d04620899c5956708977&referer=aHR0cHM6Ly9zZWN1cmUubnpmLm9yZy51ay8=&type=js&cookieId=5d7422a9a30fbf46d19bf60c4b699f749fe43e27bdd39bf934e539a6eb8ac3f2
Request Chain 65
  • https://secure.adnxs.com/seg?add=26327657&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26327657%26t%3D2
Request Chain 67
  • https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
  • https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_PI2k8ote5sWPUsDQk
Request Chain 68
  • https://pixel-geo.prfct.co/cs/?partnerId=crw HTTP 302
  • https://cw.addthis.com/t.gif?pid=37&pidt=0&pdid=pa_PI2k8ote5sWPUsDQk&cu=https%3A%2F%2Fpixel.prfct.co%2Fcb%3FpartnerId%3Dcrw HTTP 302
  • https://pixel.prfct.co/cb?partnerId=crw
Request Chain 69
  • https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
  • https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_PI2k8ote5sWPUsDQk&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_PI2k8ote5sWPUsDQk&_origin=1&verify=true
Request Chain 70
  • https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_PI2k8ote5sWPUsDQk
Request Chain 71
  • https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_PI2k8ote5sWPUsDQk
Request Chain 72
  • https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfUEkyazhvdGU1c1dQVXNEUWs HTTP 302
  • https://pixel-geo.prfct.co/cb?partnerId=goo
Request Chain 75
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=F2A61A84E7E94E4A859ED93BEFCBEC52&RedC=c.clarity.ms&MXFR=383C966704196EA8134787EB00196051 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=F2A61A84E7E94E4A859ED93BEFCBEC52&MUID=3B4F63581EA46EBD3EA472D41FC76F99

107 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
secure.nzf.org.uk/
Redirect Chain
  • http://secure.nzf.org.uk/
  • https://secure.nzf.org.uk/
1005 B
635 B 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.27.252.167 , United Kingdom, ASN29006 (POBOX-AS, GB),
Reverse DNS
host-167-252-27-217.as29006.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
da5eeb54c95a001d3020eff05d3387ecff44ee4b3d772ae45c270df75bd0e221

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 20 Apr 2022 15:39:20 GMT
etag
W/"62595aed-3ed"
last-modified
Fri, 15 Apr 2022 11:45:49 GMT
server
nginx/1.14.0 (Ubuntu)

Redirect headers

Connection
keep-alive
Content-Length
194
Content-Type
text/html
Date
Wed, 20 Apr 2022 15:39:19 GMT
Location
https://secure.nzf.org.uk/
Server
nginx/1.14.0 (Ubuntu)
ionicons.min.css
unpkg.com/ionicons@4.5.10-0/dist/css/ 		44 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/ionicons@4.5.10-0/dist/css/ionicons.min.css
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b82a2dd43936317fee3dc469880686b83caab009d9e71a9953f25bbe8c1b34ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:20 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
30978388
fly-request-id
01F48JR2V7DZFH7X445N9ZGYGE
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"b09c-0qR+qwWhl5h3I61TCWRhFVmJ40Y"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6feef8db2a7f2373-ZRH
app.163f7143.css
secure.nzf.org.uk/static/css/ 		6 MB
6 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.nzf.org.uk/static/css/app.163f7143.css
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.27.252.167 , United Kingdom, ASN29006 (POBOX-AS, GB),
Reverse DNS
host-167-252-27-217.as29006.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
099c454f2c8cb6a9ecffc45feff64aebc855c8cf0345027628c53168b6fd904c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:20 GMT
last-modified
Fri, 15 Apr 2022 11:44:33 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62595aa1-594f90"
content-length
5853072
content-type
text/css
chunk-vendors.7cbd1608.css
secure.nzf.org.uk/static/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.nzf.org.uk/static/css/chunk-vendors.7cbd1608.css
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.27.252.167 , United Kingdom, ASN29006 (POBOX-AS, GB),
Reverse DNS
host-167-252-27-217.as29006.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
61077d736b15e17d02e1c987d307c1dc83a541d0c5681526a2a0a8ecf46283a3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:20 GMT
last-modified
Fri, 15 Apr 2022 11:44:34 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62595aa2-fc7"
content-length
4039
content-type
text/css
app.c634e944.js
secure.nzf.org.uk/static/js/ 		340 KB
340 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.nzf.org.uk/static/js/app.c634e944.js
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.27.252.167 , United Kingdom, ASN29006 (POBOX-AS, GB),
Reverse DNS
host-167-252-27-217.as29006.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f903edbbfcb600e7739bed7ccf6bb17e4dbbe1145e2b094e0cb12d5a2dd58b8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:20 GMT
last-modified
Fri, 15 Apr 2022 11:45:44 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62595ae8-54e3f"
content-length
347711
content-type
application/javascript; charset=utf-8
chunk-vendors.fd6787cc.js
secure.nzf.org.uk/static/js/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.nzf.org.uk/static/js/chunk-vendors.fd6787cc.js
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.27.252.167 , United Kingdom, ASN29006 (POBOX-AS, GB),
Reverse DNS
host-167-252-27-217.as29006.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
28efcfa0a14a4e02d587057f45f2d35f3a33db1f6240f243a899132a88c99c4e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:20 GMT
last-modified
Fri, 15 Apr 2022 11:45:46 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62595aea-108dee"
content-length
1084910
content-type
application/javascript; charset=utf-8
gtm.js
www.googletagmanager.com/ 		294 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WPG8JF
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/static/js/chunk-vendors.fd6787cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4ca61579acd1ec1731bdc065a5016742d44d3da8320a40c308147c77559cd659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84383
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Apr 2022 15:39:21 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-74254724-1&l=dataLayer
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/static/js/chunk-vendors.fd6787cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
84f317fa917b73043e02da7e7bcc480d9175dce107c26952821cbee94e692660
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38717
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Apr 2022 15:39:21 GMT
st.js
webservices.securetrading.net/js/v2/ 		807 KB
231 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.securetrading.net/js/v2/st.js
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/static/js/app.c634e944.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.250.209.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
webservices.securetrading.net
Software
Apache /
Resource Hash
91d868341b141904700858eee35f9ab0780bf53442ae85f0d947f212fc939daf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 15:39:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 04 Jun 2021 10:15:50 GMT
Server
Apache
ETag
"c9b54-5c3edf9dc443f-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
application/javascript
Cache-control
max-age=300
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
/
js.stripe.com/v3/ 		297 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/static/js/app.c634e944.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-3.fra50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bc5666913625baa75c916bc632888087b074bd5cf3920050016fe4cbb2be4711
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
39
x-cache
Hit from cloudfront
date
Wed, 20 Apr 2022 15:38:43 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
last-modified
Tue, 19 Apr 2022 18:49:09 GMT
server
Cloudfront
etag
W/"5642e089d2229706c304e0bf645c2e03"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
VqOC0MtieOYVTw1i7XVhpP2L6eT9_jj1OCFh5Zk8Iltkv9SNrq15MQ==
initialise.js
pay.gocardless.com/billing/static/dropin/v2/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.gocardless.com/billing/static/dropin/v2/initialise.js
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/static/js/app.c634e944.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.14.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.14.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d71028e499e08e275585f8649e79a13542491f39778f55976f8e7344f485d35b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
via
1.1 google
x-goog-meta-goog-reserved-file-mtime
1650468912
x-guploader-uploadid
ADPycduKzAvmkt8ZAlTsdVaC1lJyf0syapxzZ1jaKh6_TLrV-sds_-UKvTFE5moKvdXHBq2tOG9m7JFoEnTVSE3A3R7O
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3043
last-modified
Wed, 20 Apr 2022 15:36:25 GMT
server
UploadServer
etag
"9c3c7a093e75e45b4479c0f8998fc585"
x-goog-hash
crc32c=KIC7rg==, md5=nDx6CT515FtEecD4mY/FhQ==
x-goog-generation
1650468985568510
cache-control
no-store
x-goog-stored-content-length
3043
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 20 Apr 2023 15:39:21 GMT
widget.js
givematch.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://givematch.com/widget.js
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/static/js/app.c634e944.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-19.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2052e6af8d4e2975ad4a5d17cc08c0b4268364a388bf3ffd55653c70c67727ef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 07:25:55 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 12:44:25 GMT
server
AmazonS3
age
29607
etag
W/"2164acf2817b48d5235df5838ae9de7a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
owWDjxCFTnWVdCNsgapiQxslqUaDY4uc_2MZevPi9emFcfb9hGS5wQ==
js
www.paypal.com/sdk/ 		296 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AfSAV3srcxqjp_pnbXo-kCdrr8GqEdMhRu6E2zYX6JZWGZRELD9eW54qxHQZAu0_WbAbgfpK83wXVM-Q&disable-funding=credit,card,venmo,sofort&locale=en_GB&currency=GBP
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/static/js/app.c634e944.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c805d9d73b6d9b0a1b13d6d64d585b446b69b7f89fc7ed55a3a8b824d5bcdf5
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-cK0E6QL1G/Zjfh6Uh2DZMeipF1AKRQg5OfFxEG2DCRCkw7Zi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-cK0E6QL1G/Zjfh6Uh2DZMeipF1AKRQg5OfFxEG2DCRCkw7Zi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-cK0E6QL1G/Zjfh6Uh2DZMeipF1AKRQg5OfFxEG2DCRCkw7Zi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-cK0E6QL1G/Zjfh6Uh2DZMeipF1AKRQg5OfFxEG2DCRCkw7Zi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
6556
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
p3p
true
paypal-debug-id
f7369069a2568
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
90000
x-xss-protection
1; mode=block
x-served-by
cache-lhr7339-LHR, cache-lcy19257-LCY
x-timer
S1650469161.127264,VS0,VE2
x-frame-options
SAMEORIGIN
date
Wed, 20 Apr 2022 15:39:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"15f90-WTCSfnMRJx0l07jJmI8ztJSmemI"
accept-ranges
bytes
x-cache-hits
1, 1
nisab
donation-api.nzf.org.uk/api/ 		95 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://donation-api.nzf.org.uk/api/nisab
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/static/js/chunk-vendors.fd6787cc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.27.252.167 , United Kingdom, ASN29006 (POBOX-AS, GB),
Reverse DNS
host-167-252-27-217.as29006.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6a140ecad382b75c04649ab0ae298cb68ea7e7944edc52c6abb69d6d4f0c19b0

Request headers

Accept
application/json, text/plain, */*
Referer
https://secure.nzf.org.uk/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:24 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
x-ratelimit-remaining
59996
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
60000
labels
donation-api.nzf.org.uk/api/ 		13 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://donation-api.nzf.org.uk/api/labels
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/static/js/chunk-vendors.fd6787cc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.27.252.167 , United Kingdom, ASN29006 (POBOX-AS, GB),
Reverse DNS
host-167-252-27-217.as29006.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
af2032367e579e577766055afa8c55b6b7366cfc17351e8d931a120bdc761182

Request headers

Accept
application/json, text/plain, */*
Referer
https://secure.nzf.org.uk/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
x-ratelimit-remaining
59996
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
60000
gateways
donation-api.nzf.org.uk/api/ 		421 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://donation-api.nzf.org.uk/api/gateways
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/static/js/chunk-vendors.fd6787cc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.27.252.167 , United Kingdom, ASN29006 (POBOX-AS, GB),
Reverse DNS
host-167-252-27-217.as29006.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f51d5633afbc7896c9e77e0f11b5c01e4f14acfbf4cc7a63e76253b3fbf79df5

Request headers

Accept
application/json, text/plain, */*
Referer
https://secure.nzf.org.uk/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
x-ratelimit-remaining
59996
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
60000
settings
donation-api.nzf.org.uk/api/ 		500 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://donation-api.nzf.org.uk/api/settings
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/static/js/chunk-vendors.fd6787cc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.27.252.167 , United Kingdom, ASN29006 (POBOX-AS, GB),
Reverse DNS
host-167-252-27-217.as29006.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1074f004ee848c690ef0de1acd47138da9e6696329be10e220cf1c63b723130b

Request headers

Accept
application/json, text/plain, */*
Referer
https://secure.nzf.org.uk/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
x-ratelimit-remaining
59996
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
60000
gilroy_bold-webfont.woff
secure.nzf.org.uk/static/fonts/gilroy/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.nzf.org.uk/static/fonts/gilroy/gilroy_bold-webfont.woff
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/static/css/app.163f7143.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.27.252.167 , United Kingdom, ASN29006 (POBOX-AS, GB),
Reverse DNS
host-167-252-27-217.as29006.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3657766e1141155b83d466e8e046f0f0995aa7a9b8fae077406c29538a167ac8

Request headers

Referer
https://secure.nzf.org.uk/static/css/app.163f7143.css
Origin
https://secure.nzf.org.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
last-modified
Fri, 15 Apr 2022 11:44:37 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62595aa5-6cd0"
content-length
27856
content-type
application/font-woff
ionicons.woff2
unpkg.com/ionicons@4.5.10-0/dist/fonts/
Redirect Chain
  • https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2?v=4.5.9-1
  • https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2
49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2
Requested by
Host: unpkg.com
URL: https://unpkg.com/ionicons@4.5.10-0/dist/css/ionicons.min.css
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://unpkg.com/ionicons@4.5.10-0/dist/css/ionicons.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
30972120
fly-request-id
01F48RQB81KCDBKF0VD23PSJ7P
vary
Accept-Encoding
content-length
50556
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
"c57c-YMnhCnCYFRSL9KmzM6OWaSc5zVw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6feef8e3af8c01e3-ZRH

Redirect headers

date
Wed, 20 Apr 2022 15:39:21 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G13SM7RM51ZH7W7S486PZ0M7-fra
server
cloudflare
age
436
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/ionicons@4.5.10-0/dist/fonts/ionicons.woff2
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6feef8e2adba01e3-ZRH
access-control-allow-origin
*
Pines-Black.woff
secure.nzf.org.uk/static/fonts/pines/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.nzf.org.uk/static/fonts/pines/Pines-Black.woff
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/static/css/app.163f7143.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.27.252.167 , United Kingdom, ASN29006 (POBOX-AS, GB),
Reverse DNS
host-167-252-27-217.as29006.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3b9c69025c935ebe64f758a4ead0f2a1b4686706dbe498c6a76e75c7aedaa600

Request headers

Referer
https://secure.nzf.org.uk/static/css/app.163f7143.css
Origin
https://secure.nzf.org.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
last-modified
Fri, 15 Apr 2022 11:45:31 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62595adb-d244"
content-length
53828
content-type
application/font-woff
gilroyregular-webfont.woff
secure.nzf.org.uk/static/fonts/gilroy/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.nzf.org.uk/static/fonts/gilroy/gilroyregular-webfont.woff
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/static/css/app.163f7143.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.27.252.167 , United Kingdom, ASN29006 (POBOX-AS, GB),
Reverse DNS
host-167-252-27-217.as29006.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
aab1c601178cc4bd8096aaa08aebdbf49257761c2538abe32b07502252803085

Request headers

Referer
https://secure.nzf.org.uk/static/css/app.163f7143.css
Origin
https://secure.nzf.org.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
last-modified
Fri, 15 Apr 2022 11:44:37 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62595aa5-66fc"
content-length
26364
content-type
application/font-woff
nzf-logo.svg
secure.nzf.org.uk/static/img/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.nzf.org.uk/static/img/nzf-logo.svg
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.27.252.167 , United Kingdom, ASN29006 (POBOX-AS, GB),
Reverse DNS
host-167-252-27-217.as29006.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7a7a669b63d8ee9610a7e7dbdcd8f07710028377bd0ed45a77f5f132956ed145

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
last-modified
Fri, 15 Apr 2022 11:45:40 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62595ae4-31cb"
content-length
12747
content-type
image/svg+xml
nzf-logo-small.svg
secure.nzf.org.uk/static/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.nzf.org.uk/static/img/nzf-logo-small.svg
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.27.252.167 , United Kingdom, ASN29006 (POBOX-AS, GB),
Reverse DNS
host-167-252-27-217.as29006.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c79e95c8f0beb42eff39de18e2b84f4b14a7a0bb49ea824c6e842788d4c6cdca

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
last-modified
Fri, 15 Apr 2022 11:45:39 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62595ae3-6d0"
content-length
1744
content-type
image/svg+xml
nzf-calculate.svg
secure.nzf.org.uk/static/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.nzf.org.uk/static/img/nzf-calculate.svg
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.27.252.167 , United Kingdom, ASN29006 (POBOX-AS, GB),
Reverse DNS
host-167-252-27-217.as29006.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f09e77270d22f1bd200fb21edc30f999e3ff4fa39bb0fb46a1633028da3b1b93

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
last-modified
Fri, 15 Apr 2022 11:45:39 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62595ae3-f38"
content-length
3896
content-type
image/svg+xml
save-logo.png
secure.nzf.org.uk/static/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.nzf.org.uk/static/img/save-logo.png
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.27.252.167 , United Kingdom, ASN29006 (POBOX-AS, GB),
Reverse DNS
host-167-252-27-217.as29006.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2a44a31792c0da1b04f7cdd8a77585dea2d17241dd1eb064a8f25b3661f775a7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
last-modified
Fri, 15 Apr 2022 11:45:41 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62595ae5-2776"
content-length
10102
content-type
image/png
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: givematch.com
URL: https://givematch.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:30:28 GMT
content-encoding
gzip
age
533
x-guploader-uploadid
ADPycdsXUzFVJhtE-3FMaMuR_TPLpEDTpomc0Qh8QSTtKsvwuG5nWNGuI6DlPP--oNb1G5m2bcCqURXJHJBYIujjJReesQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17435
last-modified
Thu, 17 Feb 2022 20:21:50 GMT
server
UploadServer
etag
"caa762087e9d75cecc34b5d6626cb7b9"
vary
Accept-Encoding
x-goog-hash
crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-generation
1645129310876382
access-control-allow-origin
*
cache-control
public,max-age=600
x-goog-stored-content-length
17435
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 20 Apr 2022 15:40:28 GMT
css2
fonts.googleapis.com/ 		3 KB
996 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;500;700&display=swap
Requested by
Host: givematch.com
URL: https://givematch.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d842aa239f3c48b15c775462e18f0920578359ed61298b8a0e891444e635bc8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 15:36:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 20 Apr 2022 15:39:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Apr 2022 15:39:21 GMT
pptm.js
www.paypal.com/tagmanager/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=secure.nzf.org.uk&t=xo&v=5.0.306&source=payments_sdk&client_id=AfSAV3srcxqjp_pnbXo-kCdrr8GqEdMhRu6E2zYX6JZWGZRELD9eW54qxHQZAu0_WbAbgfpK83wXVM-Q&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AfSAV3srcxqjp_pnbXo-kCdrr8GqEdMhRu6E2zYX6JZWGZRELD9eW54qxHQZAu0_WbAbgfpK83wXVM-Q&disable-funding=credit,card,venmo,sofort&locale=en_GB&currency=GBP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79b62a4a524a4adaae1a2fbbf2e5a9f95f43d31ec5733713e30efa48bbe86bf3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-PxGMjOre/WKEMvptsytgzIeCHTWdPe0Fhy6nXpPw9k/vm9n0' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-PxGMjOre/WKEMvptsytgzIeCHTWdPe0Fhy6nXpPw9k/vm9n0' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
age
61254
x-cache
HIT, HIT
paypal-debug-id
f995119d7aa27
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4754
x-xss-protection
1; mode=block
x-served-by
cache-lhr7380-LHR, cache-lcy19257-LCY
x-timer
S1650469162.516410,VS0,VE2
x-frame-options
SAMEORIGIN
date
Wed, 20 Apr 2022 15:39:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
etag
W/"3547-iJaVhJl3+qsef4f3DqRNUaRAM6k"
accept-ranges
bytes
x-cache-hits
1, 1
56ebc2e2a0e716fa8f000073.js
tag.marinsm.com/serve/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.marinsm.com/serve/56ebc2e2a0e716fa8f000073.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WPG8JF
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.65 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
270d006a6623b6e5ef9b67d2c5ecc4b4f1b3f0815d1e9c63c9535ecdb3105e6d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 15:39:21 GMT
Via
1.1 vegur, 1.1 varnish
X-Content-Type-Options
nosniff
Age
421
X-Cache
HIT
Connection
keep-alive
Content-Encoding
gzip
Content-Length
4064
X-Served-By
cache-lcy19271-LCY
Server
Cowboy
X-Timer
S1650469162.618050,VS0,VE1
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
X-Cache-Hits
1
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WPG8JF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
271
date
Wed, 20 Apr 2022 15:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 20 Apr 2022 17:34:50 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WPG8JF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8F297F86CF2F49A383C21ECE2351666F Ref B: LTSEDGE1012 Ref C: 2022-04-20T15:39:21Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Wed, 20 Apr 2022 15:39:21 GMT
accept-ranges
bytes
content-length
11333
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WPG8JF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14892
x-xss-protection
0
server
cafe
etag
4605403730725282575
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Apr 2022 15:39:21 GMT
hotjar-1645303.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1645303.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WPG8JF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
/
Resource Hash
ca4c7b946a6ab511742bcc5362b69bdffc0b8067edf981c5ac5ad267327b5cab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA50-C1
etag
W/c2ed50aab1096b4091bd217fbe5969b4
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
y5jp1Lvj2ZJof9tDCsstcYr-JgekPxju81dBxWOQ3Y2X7QUzT5bTNg==
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
propixel.min.js
cdn.audiencemanager.de/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.audiencemanager.de/propixel.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WPG8JF
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7dfc0200a3d149d4ab831f8e2ac4839cde1cc0636c38397ea01235e7a4c8b84a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
ej7TLXieb23YcuEZQ47ISwKP2p.816kS
Via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
Last-Modified
Mon, 31 May 2021 14:16:10 GMT
Server
AmazonS3
Age
36627
ETag
"bc252e2f7a877163acfee65967afa37c"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Date
Wed, 20 Apr 2022 05:28:55 GMT
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
1354
X-Amz-Cf-Id
M7IyN6NYg5IV7kFjZazKlac-WrdJZTtNbNL5Qc0PqXVNfjqyJQr_2g==
muse.js
www.paypalobjects.com/muse/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=secure.nzf.org.uk&t=xo&v=5.0.306&source=payments_sdk&client_id=AfSAV3srcxqjp_pnbXo-kCdrr8GqEdMhRu6E2zYX6JZWGZRELD9eW54qxHQZAu0_WbAbgfpK83wXVM-Q&vault=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a4b749626aab6395c52aed1a8016aa5f6c4c8ca60cf771c0d8ce54202a53e725
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
f8b7c154659f9
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
16529
x-served-by
cache-sjc10051-SJC, cache-lcy19276-LCY
last-modified
Thu, 10 Mar 2022 18:16:31 GMT
x-timer
S1650469162.636715,VS0,VE0
etag
W/"622a407f-dad7"
strict-transport-security
max-age=31557600
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
1, 238524
ts
t.paypal.com/ 		42 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A2586NC3YQ8KHN-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A2586NC3YQ8KHN-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3875d4fa-c57a-414c-a745-920fccf55a82&fltp=analytics&mrid=2586NC3YQ8KHN&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=NZF&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1650469161547&g=0&completeurl=https%3A%2F%2Fsecure.nzf.org.uk%2F
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
7c971619f1948
x-cache-hits
0, 0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-lhr7344-LHR, cache-lcy19265-LCY
pragma
no-cache
x-timer
S1650469162.645291,VS0,VE149
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 15:39:21 GMT
tagjs
pixel-geo.prfct.co/
Redirect Chain
  • https://pixel-geo.prfct.co/tagjs?a_id=58551&source=js_tag
  • https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=58551&source=js_tag
136 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=58551&source=js_tag
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
HTTP/1.1
Server
52.208.74.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-74-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0a9b757e3fa385da893ca3d5d82040e835987113003f25a68c1e6bd961d67407

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
136
Content-Type
text/javascript

Redirect headers

Location
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=58551&source=js_tag
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
modules.0076bf93c385ddf0ff58.js
script.hotjar.com/ 		239 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.0076bf93c385ddf0ff58.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1645303.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-33.fra50.r.cloudfront.net
Software
/
Resource Hash
e0e44c153e6969ff112250bc468dd4615e5f48f2b2db3e3ffabc11be9d9b6313
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 10:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
622215
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
63817
access-control-allow-origin
*
last-modified
Wed, 13 Apr 2022 10:48:29 GMT
etag
"838915b4bc2438e3190a8320d0520962"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
ZTD9cfgLPA0xbxwHI5xF632zweNhN7Flh0o5RiP3DePSE4r1e1Mi2Q==
26046331.js
bat.bing.com/p/action/ 		844 B
843 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/26046331.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0ac8efa339da3ad175a8f8c4e43f2822b2cb5e695a8e86a424b00bdfb3b468b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C8E34664C83144108CBED72007D888BA Ref B: LTSEDGE1012 Ref C: 2022-04-20T15:39:21Z
date
Wed, 20 Apr 2022 15:39:21 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
667
0
bat.bing.com/action/ 		0
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=26046331&tm=gtm002&Ver=2&mid=7323411e-d0b0-47a5-9ea3-12b879a17a05&sid=0c702cc0c0c011ec9cb7a90a4973d8f1&vid=0c706020c0c011ecbc66395fcea720b4&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=NZF&p=https%3A%2F%2Fsecure.nzf.org.uk%2F&r=&lt=1115&evt=pageLoad&msclkid=N&sv=1&rn=978869
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0465DF38757541CF99CF0441F8FBF3FB Ref B: LTSEDGE1012 Ref C: 2022-04-20T15:39:21Z
date
Wed, 20 Apr 2022 15:39:21 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame B7D7 		54 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1b8f3d676f1df1ca5867197fb16660fe565e70b9c6cd4176985a522df98e6d14
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.nzf.org.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16790
content-type
text/html
date
Wed, 20 Apr 2022 15:39:21 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"622a407f-d994"
last-modified
Thu, 10 Mar 2022 18:16:31 GMT
paypal-debug-id
2e5f1924de6ae
strict-transport-security
max-age=31557600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
1, 265472
x-content-type-options
nosniff
x-served-by
cache-sjc10059-SJC, cache-lcy19276-LCY
x-timer
S1650469162.682798,VS0,VE0
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 14:46:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
3155
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 20 Apr 2022 15:46:46 GMT
collect
www.google-analytics.com/j/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1355695778&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.nzf.org.uk%2F&ul=en-us&de=UTF-8&dt=NZF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEALBAAAAC~&jid=1834508646&gjid=26079608&cid=195582403.1650469162&tid=UA-74254724-1&_gid=173907133.1650469162&_r=1&gtm=2wg4i15WPG8JF&z=1847446490
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.nzf.org.uk/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.nzf.org.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
user-match
prf.audiencemanager.de/log/profile/
Redirect Chain
  • https://prf.audiencemanager.de/log/profile/user-match?type=js&pid=6086d04620899c5956708977&referer=aHR0cHM6Ly9zZWN1cmUubnpmLm9yZy51ay8=&oreferer=&lsUserId=null
  • https://prf.audiencemanager.de/log/profile/user-match?lsUserId=null&oreferer=&pid=6086d04620899c5956708977&referer=aHR0cHM6Ly9zZWN1cmUubnpmLm9yZy51ay8=&type=js&cookieId=5d7422a9a30fbf46d19bf60c4b69...
552 B
800 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prf.audiencemanager.de/log/profile/user-match?lsUserId=null&oreferer=&pid=6086d04620899c5956708977&referer=aHR0cHM6Ly9zZWN1cmUubnpmLm9yZy51ay8=&type=js&cookieId=5d7422a9a30fbf46d19bf60c4b699f749fe43e27bdd39bf934e539a6eb8ac3f2
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Server
52.49.120.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-120-18.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash
9e7188322bd10ecbadc79aa994fede5a27cb346f86039be3da8ef46d6db296e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
access-control-allow-origin
*
x-powered-by
PHP/7.2.9
requestid
5378d162602929d932c493122711474485564
status
200 OK
p3p
CP="NID DSP ALL COR"
hostname
10-0-13-80
responsetime
10
content-type
js
content-length
552

Redirect headers

date
Wed, 20 Apr 2022 15:39:21 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
status
307 Temporary Redirect
x-powered-by
PHP/7.2.9
location
/log/profile/user-match?lsUserId=null&oreferer=&pid=6086d04620899c5956708977&referer=aHR0cHM6Ly9zZWN1cmUubnpmLm9yZy51ay8=&type=js&cookieId=5d7422a9a30fbf46d19bf60c4b699f749fe43e27bdd39bf934e539a6eb8ac3f2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/918899832/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/918899832/?random=1650469161695&cv=9&fst=1650469161695&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4i1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure.nzf.org.uk%2F&tiba=NZF&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa3f352f9651fb374e27030949758cba496a7e6088a3d80c7c233f70269472fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
998
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/793343641/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/793343641/?random=1650469161698&cv=9&fst=1650469161698&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4i1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure.nzf.org.uk%2F&tiba=NZF&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2df7e1e403087ed300903d95c64f61b211a80886e1014e837c67e6f89c35846
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
998
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/925586039/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/925586039/?random=1650469161699&cv=9&fst=1650469161699&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4i1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure.nzf.org.uk%2F&tiba=NZF&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11bd346ecd98c15006498d2764a6c42a0513015a1e7def71fac82b137b8b4492
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
997
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-4924254a9ce4dc9b959b6e4a9b662d60.html
vars.hotjar.com/ Frame 0076 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1645303.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-102.fra50.r.cloudfront.net
Software
/
Resource Hash
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9

Request headers

Referer
https://secure.nzf.org.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
622215
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 10:49:06 GMT
etag
"1635635016e428baa170305e9282c34a"
last-modified
Wed, 13 Apr 2022 10:48:29 GMT
vary
Accept-Encoding
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-id
PuZetJnY0jxiRfoUC1b_zrcnjpC4oIJg5MzY2ZGAjEKXcu1NWIJrGA==
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
x-robots-tag
none
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1355695778&t=event&cu=GBP&_s=1&dl=https%3A%2F%2Fsecure.nzf.org.uk%2F&ul=en-us&de=UTF-8&dt=NZF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ecommerce&ea=checkout_progress&_u=aGDACUALBAAAAC~&jid=1431171760&gjid=1642219613&cid=195582403.1650469162&tid=UA-74254724-1&_gid=173907133.1650469162&_r=1&gtm=2ou4i1&cos=1&col=Calculate&pa=checkout&z=1281204149
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.nzf.org.uk/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.nzf.org.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ts
t.paypal.com/ 		42 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A2586NC3YQ8KHN-1&page=muse%3Aoffer%3A%3A%3A2586NC3YQ8KHN-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3875d4fa-c57a-414c-a745-920fccf55a82&es=visitorInfoFlowStarted&mrid=2586NC3YQ8KHN&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=NZF&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1650469161731&g=0&completeurl=https%3A%2F%2Fsecure.nzf.org.uk%2F
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
6dd9c28591c7
x-cache-hits
0, 0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-lhr7345-LHR, cache-lcy19265-LCY
pragma
no-cache
x-timer
S1650469162.745527,VS0,VE165
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 15:39:21 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-74254724-1&cid=195582403.1650469162&jid=1834508646&gjid=26079608&_gid=173907133.1650469162&_u=YGBACEAKBAAAAC~&z=1380331389
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.nzf.org.uk/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Apr 2022 15:39:21 GMT
content-type
text/plain
access-control-allow-origin
https://secure.nzf.org.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
graphql
www.paypal.com/targeting/ Frame B7D7 		434 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cb009c4ffa43fe240d8ac50fcd2963c3e03375cb6c0aa85a9f5b6e0937913a71
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-nmh7LsjXy/p1XgrqUVOIJ0gnyjZpt2PRha+EnnNAqgJkZhsZ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-nmh7LsjXy/p1XgrqUVOIJ0gnyjZpt2PRha+EnnNAqgJkZhsZ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
x-cache
MISS, MISS
paypal-debug-id
f9915729759b6
date
Wed, 20 Apr 2022 15:39:22 GMT
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-lhr7380-LHR, cache-lcy19257-LCY
x-timer
S1650469162.001617,VS0,VE242
x-frame-options
SAMEORIGIN
etag
W/"1b2-/Nz9wWinBRv5aiWRLEeLsMkk6WA"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
content-encoding
br
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Wed, 20 Apr 2022 15:39:21 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f9915724f8f0e
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-lhr7349-LHR, cache-lcy19234-LCY
x-timer
S1650469162.807789,VS0,VE165
collect
stats.g.doubleclick.net/j/ 		7 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-74254724-1&cid=195582403.1650469162&jid=1431171760&gjid=1642219613&_gid=173907133.1650469162&_u=aGDACUALBAAAAC~&z=1481341145
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.nzf.org.uk/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Apr 2022 15:39:21 GMT
content-type
text/plain
access-control-allow-origin
https://secure.nzf.org.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-74254724-1&cid=195582403.1650469162&jid=1431171760&_u=aGDACUALBAAAAC~&z=464667716
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-74254724-1&cid=195582403.1650469162&jid=1431171760&_u=aGDACUALBAAAAC~&z=464667716
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-74254724-1&cid=195582403.1650469162&jid=1834508646&_u=YGBACEAKBAAAAC~&z=1672474208
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-74254724-1&cid=195582403.1650469162&jid=1834508646&_u=YGBACEAKBAAAAC~&z=1672474208
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
a.clarity.ms/s/0.6.34/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.clarity.ms/s/0.6.34/clarity.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/26046331.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:21 GMT
content-encoding
br
etag
"1d84ac37b962954"
last-modified
Thu, 07 Apr 2022 21:07:26 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
/
www.google.com/pagead/1p-user-list/793343641/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/793343641/?random=1650469161698&cv=9&fst=1650466800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4i1&sendb=1&frm=0&url=https%3A%2F%2Fsecure.nzf.org.uk%2F&tiba=NZF&async=1&fmt=3&is_vtc=1&random=3443805156&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/793343641/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/793343641/?random=1650469161698&cv=9&fst=1650466800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4i1&sendb=1&frm=0&url=https%3A%2F%2Fsecure.nzf.org.uk%2F&tiba=NZF&async=1&fmt=3&is_vtc=1&random=3443805156&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/918899832/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/918899832/?random=1650469161695&cv=9&fst=1650466800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4i1&sendb=1&frm=0&url=https%3A%2F%2Fsecure.nzf.org.uk%2F&tiba=NZF&async=1&fmt=3&is_vtc=1&random=362277327&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/918899832/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/918899832/?random=1650469161695&cv=9&fst=1650466800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4i1&sendb=1&frm=0&url=https%3A%2F%2Fsecure.nzf.org.uk%2F&tiba=NZF&async=1&fmt=3&is_vtc=1&random=362277327&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/925586039/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/925586039/?random=1650469161699&cv=9&fst=1650466800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4i1&sendb=1&frm=0&url=https%3A%2F%2Fsecure.nzf.org.uk%2F&tiba=NZF&async=1&fmt=3&is_vtc=1&random=2758511741&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/925586039/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/925586039/?random=1650469161699&cv=9&fst=1650466800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4i1&sendb=1&frm=0&url=https%3A%2F%2Fsecure.nzf.org.uk%2F&tiba=NZF&async=1&fmt=3&is_vtc=1&random=2758511741&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get-piggybacks
www.audiencemanager.de/log/profile/ Frame 2266 		168 B
461 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.audiencemanager.de/log/profile/get-piggybacks?pid=6086d04620899c5956708977&requesterId=5378d162602929d932c493122711474485564&cookieId=5d7422a9a30fbf46d19bf60c4b699f749fe43e27bdd39bf934e539a6eb8ac3f2
Requested by
Host: prf.audiencemanager.de
URL: https://prf.audiencemanager.de/log/profile/user-match?type=js&pid=6086d04620899c5956708977&referer=aHR0cHM6Ly9zZWN1cmUubnpmLm9yZy51ay8=&oreferer=&lsUserId=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.120.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-120-18.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash
040331f80c6925f9a7f18c02adeab552617602c67f5317f201cbb91fd4535dfe

Request headers

Referer
https://secure.nzf.org.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-length
165
content-type
text/html;charset=UTF-8
date
Wed, 20 Apr 2022 15:39:21 GMT
hostname
10-0-13-4
p3p
CP="NID DSP ALL COR"
requestid
8a072d62602929ee96e488552075856324313
responsetime
7
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
status
200 OK
vary
Accept-Encoding
x-powered-by
PHP/7.2.9
bounce
secure.adnxs.com/ Frame 2266
Redirect Chain
  • https://secure.adnxs.com/seg?add=26327657&t=2
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26327657%26t%3D2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26327657%26t%3D2
Requested by
Host: www.audiencemanager.de
URL: https://www.audiencemanager.de/log/profile/get-piggybacks?pid=6086d04620899c5956708977&requesterId=5378d162602929d932c493122711474485564&cookieId=5d7422a9a30fbf46d19bf60c4b699f749fe43e27bdd39bf934e539a6eb8ac3f2
Protocol
HTTP/1.1
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.audiencemanager.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 15:39:22 GMT
X-Proxy-Origin
217.138.196.109; 217.138.196.109; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5e347066-363a-4a78-8708-60740ff6ff24
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 15:39:22 GMT
X-Proxy-Origin
217.138.196.109; 217.138.196.109; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
de2945cd-c443-4361-b828-d3f7c2aa604d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26327657%26t%3D2
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
m-outer-23335cd0c833d03926d94e8fb5cb0381.html
js.stripe.com/v3/ Frame 3941 		240 B
979 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-3.fra50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a112f8f0717d42ab09edf17e6583b29dc651b7cda4b474e413a3558d0f16ad67
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.nzf.org.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1961
cache-control
max-age=31536000
content-length
240
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 20 Apr 2022 15:06:42 GMT
etag
"23335cd0c833d03926d94e8fb5cb0381"
last-modified
Tue, 05 Apr 2022 17:50:14 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-cf-id
1XD8ssql4z0kcjvU91TOde1QF_SFJJOoUk0MhPlo5bW8tgwfrrj8fQ==
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
adsct
analytics.twitter.com/i/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=twtr
  • https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_PI2k8ote5sWPUsDQk
43 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_PI2k8ote5sWPUsDQk
Protocol
H2
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time
104
date
Wed, 20 Apr 2022 15:39:21 GMT
server
tsa_f
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
a93d26fe56967fa44766e3d58f53058d6828a06ce750503e871938155e2656b4
content-length
43

Redirect headers

Location
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_PI2k8ote5sWPUsDQk
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cb
pixel.prfct.co/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=crw
  • https://cw.addthis.com/t.gif?pid=37&pidt=0&pdid=pa_PI2k8ote5sWPUsDQk&cu=https%3A%2F%2Fpixel.prfct.co%2Fcb%3FpartnerId%3Dcrw
  • https://pixel.prfct.co/cb?partnerId=crw
43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.prfct.co/cb?partnerId=crw
Protocol
HTTP/1.1
Server
34.226.73.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-73-205.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pixel.prfct.co/cb?partnerId=crw
pragma
no-cache
date
Wed, 20 Apr 2022 15:39:22 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
expires
Wed, 20 Apr 2022 15:39:22 GMT
sync
ups.analytics.yahoo.com/ups/58288/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=yah
  • https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_PI2k8ote5sWPUsDQk&_origin=1
  • https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_PI2k8ote5sWPUsDQk&_origin=1&verify=true
0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_PI2k8ote5sWPUsDQk&_origin=1&verify=true
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:22 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_PI2k8ote5sWPUsDQk&_origin=1&verify=true
date
Wed, 20 Apr 2022 15:39:22 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=opx
  • https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_PI2k8ote5sWPUsDQk
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_PI2k8ote5sWPUsDQk
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:22 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_PI2k8ote5sWPUsDQk
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=rbcn
  • https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_PI2k8ote5sWPUsDQk
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_PI2k8ote5sWPUsDQk
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_PI2k8ote5sWPUsDQk
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cb
pixel-geo.prfct.co/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=goo
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfUEkyazhvdGU1c1dQVXNEUWs
  • https://pixel-geo.prfct.co/cb?partnerId=goo
43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-geo.prfct.co/cb?partnerId=goo
Protocol
HTTP/1.1
Server
52.208.74.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-74-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pixel-geo.prfct.co/seg/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-geo.prfct.co/seg/?add=4932508&source=js_tag&a_id=58551
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.74.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-74-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
43
Content-Type
image/gif
seg
secure.adnxs.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?t=2&add=4932508
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 15:39:22 GMT
X-Proxy-Origin
217.138.196.109; 217.138.196.109; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c3c6d8c7-6122-4d47-a3cc-46dba26a78ef
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=F2A61A84E7E94E4A859ED93BEFCBEC52&RedC=c.clarity.ms&MXFR=383C966704196EA8134787EB00196051
  • https://c.clarity.ms/c.gif?CtsSyncId=F2A61A84E7E94E4A859ED93BEFCBEC52&MUID=3B4F63581EA46EBD3EA472D41FC76F99
42 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=F2A61A84E7E94E4A859ED93BEFCBEC52&MUID=3B4F63581EA46EBD3EA472D41FC76F99
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:22 GMT
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8120eaf0ff3ad81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:22 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 335A8FD1F65742C7B1D5F8D14E1FCFA0 Ref B: LTSEDGE1012 Ref C: 2022-04-20T15:39:22Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=F2A61A84E7E94E4A859ED93BEFCBEC52&MUID=3B4F63581EA46EBD3EA472D41FC76F99
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
uwt.js
static.ads-twitter.com/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WPG8JF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd0aab4060ef1c321293aa501648b607c5b2123b504db705357a90b560fb855c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:22 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 19:47:38 GMT
etag
"ddc5cdcd86497322d9e46464798180f9+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
9501
x-served-by
cache-iad-kjyo7100047-IAD, cache-muc13931-MUC
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WPG8JF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:22 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 27 Apr 2022 15:39:22 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
/E63Ab5zt46REXpUSCbCodlzsHzoTdPLrMPAPVEtUZjfcDa/suHpsXJ16WZU8sRdfdTGb9yGAKM2LDEAhr0uuw==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Wed, 20 Apr 2022 15:39:22 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
consenTag.js
consentag.eu/public/3.0.1/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consentag.eu/public/3.0.1/consenTag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WPG8JF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.173.171 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.173.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a536a31a18d00aa02e97459f5cb3890b7507e3034b194c6681942526862bb223

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 07:48:42 GMT
content-encoding
gzip
age
28240
x-guploader-uploadid
ADPycdtkfO8izJ7i9plBBSiCNiwRLGKb4nhQalW3vs1t8Fm6Hi0h9NSL4KEXNCxVuhezAhcyF9iBzSZ5FCVv68_kt8Dbtw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2606
last-modified
Sun, 26 Dec 2021 13:06:31 GMT
server
UploadServer
etag
"bbf29cf3e8db1d93e091a797634232a9"
x-goog-hash
crc32c=Uvujaw==, md5=u/Kc8+jbHZPgkaeXY0IyqQ==
content-language
en
x-goog-generation
1640523991137254
cache-control
no-transform
x-goog-stored-content-length
2606
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 20 Apr 2023 07:48:42 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1355695778&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.nzf.org.uk%2F&ul=en-us&de=UTF-8&dt=NZF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=10%25&el=%2Fcalculator&_u=aGDACUALBAAAAC~&jid=&gjid=&cid=195582403.1650469162&tid=UA-74254724-1&_gid=173907133.1650469162&gtm=2wg4i15WPG8JF&z=819981985
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 14:06:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5557
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1355695778&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.nzf.org.uk%2F&ul=en-us&de=UTF-8&dt=NZF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25%25&el=%2Fcalculator&_u=aGDACUALBAAAAC~&jid=&gjid=&cid=195582403.1650469162&tid=UA-74254724-1&_gid=173907133.1650469162&gtm=2wg4i15WPG8JF&z=1941922351
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 14:06:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5557
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1355695778&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.nzf.org.uk%2F&ul=en-us&de=UTF-8&dt=NZF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=50%25&el=%2Fcalculator&_u=aGDACUALBAAAAC~&jid=&gjid=&cid=195582403.1650469162&tid=UA-74254724-1&_gid=173907133.1650469162&gtm=2wg4i15WPG8JF&z=1649990463
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 14:06:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5557
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
csp-report
q.stripe.com/ Frame 3941 		0
347 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 20 Apr 2022 15:39:22 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
3
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
logger
www.paypal.com/xoplatform/logger/api/ 		825 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AfSAV3srcxqjp_pnbXo-kCdrr8GqEdMhRu6E2zYX6JZWGZRELD9eW54qxHQZAu0_WbAbgfpK83wXVM-Q&disable-funding=credit,card,venmo,sofort&locale=en_GB&currency=GBP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41d7a762154494a16bfa42fed1046981539de1ae430f0842ff3e6697fac92e4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://secure.nzf.org.uk/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type
application/json

Response headers

date
Wed, 20 Apr 2022 15:39:22 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f869574266307
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr7382-LHR, cache-lcy19234-LCY
x-timer
S1650469163.601343,VS0,VE155
etag
W/"339-HG64EIwSt5vuN6J6TbaXZPmawPM"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.nzf.org.uk
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
m-outer-8828f6fcad654313f23d9a7d1f1eb715.js
js.stripe.com/v3/fingerprinted/js/ Frame 3941 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8828f6fcad654313f23d9a7d1f1eb715.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-3.fra50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
58
x-cache
Hit from cloudfront
date
Wed, 20 Apr 2022 15:39:22 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
last-modified
Tue, 05 Apr 2022 17:50:29 GMT
server
Cloudfront
etag
W/"d0c7e21ec457b6a134a496f107c3ca93"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
cgn8yzRVeZp7q73z4XZABpe0RKLqpZGYf0gBw7F_7cZVjX2dRJrP3g==
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://secure.nzf.org.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges
none
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://secure.nzf.org.uk
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
date
Wed, 20 Apr 2022 15:39:22 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f99157298ea8a
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
accept-encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-lhr7328-LHR, cache-lcy19234-LCY
x-timer
S1650469162.410187,VS0,VE162
collect
a.clarity.ms/ 		0
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.clarity.ms/collect
Requested by
Host: a.clarity.ms
URL: https://a.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://secure.nzf.org.uk/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://secure.nzf.org.uk
date
Wed, 20 Apr 2022 15:39:21 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
inner.html
m.stripe.network/ Frame 8747 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8828f6fcad654313f23d9a7d1f1eb715.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
128
cache-control
max-age=300, public
content-encoding
gzip
content-length
527
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 20 Apr 2022 15:39:22 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
168
x-content-type-options
nosniff
x-request-id
d44a8106-e469-4f0e-abcd-87b8d757351c
x-served-by
cache-lcy19241-LCY
x-timer
S1650469163.519166,VS0,VE0
adsct
analytics.twitter.com/i/ 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.1&p_id=Twitter&p_user_id=0&txn_id=o1cte&events=%5B%5B%22addtowishlist%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=66a246ac-0a68-4820-802f-97342dfab823&tw_document_href=https%3A%2F%2Fsecure.nzf.org.uk%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time
105
date
Wed, 20 Apr 2022 15:39:21 GMT
server
tsa_f
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
a93d26fe56967fa44766e3d58f53058d6828a06ce750503e871938155e2656b4
content-length
43
adsct
t.co/i/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.3.1&p_id=Twitter&p_user_id=0&txn_id=o1cte&events=%5B%5B%22addtowishlist%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=66a246ac-0a68-4820-802f-97342dfab823&tw_document_href=https%3A%2F%2Fsecure.nzf.org.uk%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time
103
date
Wed, 20 Apr 2022 15:39:22 GMT
server
tsa_f
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
555b0b1022c97b5341ddf0b84f48ed99278bd13d734417b0ff57317170a5085b
content-length
43
collect
a.clarity.ms/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.clarity.ms/collect
Requested by
Host: a.clarity.ms
URL: https://a.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://secure.nzf.org.uk/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://secure.nzf.org.uk
date
Wed, 20 Apr 2022 15:39:21 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
rules-p-P532dr5hzZnS6.js
rules.quantcount.com/ 		209 B
671 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-P532dr5hzZnS6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:0:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cd5baf9709fc8fb0213f086bd8b631993b9319fcfdd6979bff48df7552bdbe3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:02:35 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
age
2208
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Mon, 08 Mar 2021 21:44:39 GMT
server
AmazonS3
etag
"7cf05022c4e91856b5b3fb43c1cdd585"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
eyaSkA8jow8JSH66OhEP-p32sii06nnvZkpXjGvitRGA55isUUCEOA==
csp-report
q.stripe.com/ Frame 8747 		0
120 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.nzf.org.uk
URL: https://secure.nzf.org.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 20 Apr 2022 15:39:22 GMT
x-envoy-upstream-service-time
3
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
out-4.5.42.js
m.stripe.network/ Frame 8747 		86 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
286
x-cache
HIT
content-length
16031
x-request-id
ba90efcf-5736-4d41-9480-cb9e510cd454
x-served-by
cache-lcy19241-LCY
server
Fastly
x-timer
S1650469163.556550,VS0,VE0
date
Wed, 20 Apr 2022 15:39:22 GMT
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
356
751871304920812
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/751871304920812?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
240d6d017603ca31bb27c23b4e611dace0b2a865c0da2251b5ef6eff313cedd0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89205
x-xss-protection
0
pragma
public
x-fb-debug
5/75VS5ToOMV2E0ESJGhos2YfnVE8f+OfBGgoWAm/X+GaO6tJBJhoZqOy88tcWAlsNuCPJ7FC7uXnB3vLPoQdg==
x-frame-options
DENY
date
Wed, 20 Apr 2022 15:39:22 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
6
m.stripe.com/ Frame 8747 		156 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.80.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-80-215.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ca392593c75e00c051ed4bcd19346c764262f48a3696b137c09efe2d3a1ebc8e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Apr 2022 15:39:23 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
pixel;r=951886919;source=gtm;event=refresh;labels=_fp.event.Default;rf=0;a=p-P532dr5hzZnS6;url=https%3A%2F%2Fsecure.nzf.org.uk%2F;uht=2;fpan=1;fpa=P0-1244333983-1650469162691;pbc=;ns=0;ce=1;qjs=1;q...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=951886919;source=gtm;event=refresh;labels=_fp.event.Default;rf=0;a=p-P532dr5hzZnS6;url=https%3A%2F%2Fsecure.nzf.org.uk%2F;uht=2;fpan=1;fpa=P0-1244333983-1650469162691;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=nzf.org.uk;je=0;sr=1600x1200x24;dst=0;et=1650469162691;tzo=0;ogl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:22 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
popup_silent.html
consentag.eu/public/3.0.1/ Frame 6EBB 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consentag.eu/public/3.0.1/popup_silent.html
Requested by
Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.173.171 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.173.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
028a986dd20d66c3950495d957214cda50669a831b7a5c8fcb9bf94c91f861f2

Request headers

Referer
https://secure.nzf.org.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
2168966
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-transform
content-encoding
gzip
content-language
en
content-length
3889
content-type
text/html
date
Sat, 26 Mar 2022 13:09:56 GMT
etag
"961f6921c00edbfac20c24cc4deda043"
expires
Sun, 26 Mar 2023 13:09:56 GMT
last-modified
Sun, 26 Dec 2021 13:06:31 GMT
server
UploadServer
x-goog-generation
1640523991162202
x-goog-hash
crc32c=fNucYA== md5=lh9pIcAO2/rCDCTMTe2gQw==
x-goog-metageneration
1
x-goog-storage-class
REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
3889
x-guploader-uploadid
ADPycdsvIhthIzEsasWaUYifK9xP7oe7cY7BWd5tAxz_d1EO_tKhcq8RgZyDH-7V4FG0Q02yxB2tyT4IVhYGwMThPjU
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=751871304920812&ev=PageView&dl=https%3A%2F%2Fsecure.nzf.org.uk%2F&rl=&if=false&ts=1650469162736&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.2.1650469162734.1937900054&it=1650469162555&coo=false&exp=p1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 20 Apr 2022 15:39:22 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ Frame 6EBB 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/popup_silent.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://consentag.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
561977
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26909
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-14e4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIosmYGdqqk6B%2FTq3L0Pi6SooBeiCnBxLgzZWu0joA0Gu5wqm7fvqM%2B07koBbdaL%2B6KMu1ytLzvJeTr7bnbD4Y%2F32HGd6ZLfNC9b6gJqf6C%2F1IqQ7hTO1SX4WDvHLMDOYxh%2FWbpM%2BEn07NXsgGK%2Fje5J"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6feef8ed2c6e2325-ZRH
expires
Mon, 10 Apr 2023 15:39:23 GMT
mustache.min.js
cdnjs.cloudflare.com/ajax/libs/mustache.js/2.3.0/ Frame 6EBB 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mustache.js/2.3.0/mustache.min.js
Requested by
Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/popup_silent.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89aa9f3b9b9ed156d219c122427f8e797c67c4030adbe4201d72030396d6b462
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://consentag.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2405085
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2513
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:29 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f29-2538"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9G0Rq5RxXFUK1L7maU%2B6cJjLuPdVapoAufwGuU0H52GSpjdMTsXs9t8AFwxk8sGoRZ1PvtEyEeopOuU9hwtoYWOLEhaHIsGLfCngHQ9FwqnHtHHmFPLyoEJ5C8%2Bgi5EV3RIxMN0C4vmxVRwq%2BJscYTM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6feef8ed2c742325-ZRH
expires
Mon, 10 Apr 2023 15:39:23 GMT
getuam
consentag.eu/manager/consent/user/ Frame 6EBB 		835 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consentag.eu/manager/consent/user/getuam
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.173.171 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.173.107.34.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
bc96cf07ec359af4cf5e1ae3c63dd1c3c080e108bb991f967a6e448d9126709f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://consentag.eu/public/3.0.1/popup_silent.html
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 20 Apr 2022 15:39:23 GMT
via
1.1 google
etag
uk-1650469163-37c1dbb8a7d44656875efeb3a0368663
server
Apache-Coyote/1.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
835
content-type
application/json
integration
i.ctnsnet.com/int/ 		0
311 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.ctnsnet.com/int/integration?pixel=67128090&nid=304041&cont=s&loc=https%3A%2F%2Fsecure.nzf.org.uk%2F&ref=&cst=true&gdpr_consent=
Requested by
Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 15:39:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
cache-control
no-cache, must-revalidate
content-type
text/javascript
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=751871304920812&ev=Microdata&dl=https%3A%2F%2Fsecure.nzf.org.uk%2F&rl=&if=false&ts=1650469164239&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NZF%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.2.1650469162734.1937900054&it=1650469162555&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.nzf.org.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:39:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 20 Apr 2022 15:39:24 GMT
collect
a.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.clarity.ms/collect
Requested by
Host: a.clarity.ms
URL: https://a.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://secure.nzf.org.uk/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://secure.nzf.org.uk
date
Wed, 20 Apr 2022 15:39:24 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| webpackJsonp object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ object| dataLayer function| gtag object| GoCardlessDropin object| google_tag_manager object| __SENTRY__ function| SecureTrading function| trackAnalyticsEvent function| trackGoogleAnalyticsEvent function| getSpinner object| mixpanel object| __post_robot_11_0_0___uid_yofvkyfjlprzesiismnvtnhvqejrfv object| paypal object| __zoid_10_0_0___uid_yofvkyfjlprzesiismnvtnhvqejrfv object| __webpackStripeJSv3Jsonp function| Stripe object| _pa object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| paypalDDL string| PaypalOffersObject function| ppq function| facebookEventsHelper function| googleAdsEventsHelper object| _pq object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| UET function| UET_init function| UET_push object| ueto_72c02c7af4 object| uetq object| __post_robot_10_0_44__ object| PAYPAL object| gaplugins object| gaGlobal object| gaData object| NanoSpace object| lsUserid function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| clarity object| ifr function| twq object| _qevents function| fbq function| _fbq object| twttr function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| consenTag

58 Cookies

Domain/Path Name / Value
secure.nzf.org.uk/ Name: vuex
Value: {%22user%22:{%22assets%22:{%22gold%22:%22%22%2C%22silver%22:%22%22%2C%22cash%22:{%22inHand%22:%22%22%2C%22inBank%22:%22%22%2C%22sharesCapital%22:%22%22%2C%22sharesDividend%22:%22%22%2C%22receivables%22:%22%22%2C%22cashIsa%22:%22%22%2C%22sharesInvestments%22:%22%22%2C%22pension%22:%22%22%2C%22crypto%22:%22%22%2C%22cashOwedToYou%22:%22%22%2C%22loanOwedToYou%22:%22%22%2C%22soldOwedToYou%22:%22%22%2C%22other%22:[]}%2C%22goldSilver%22:{%22other%22:[]}%2C%22moneyOwed%22:{%22other%22:[]}%2C%22crypto%22:{%22other%22:[]}%2C%22investment%22:{%22other%22:[]}%2C%22businessAssets%22:{%22cash%22:%22%22%2C%22receivables%22:%22%22%2C%22stock%22:%22%22%2C%22other%22:[]}%2C%22liabilities%22:{%22housePayments%22:%22%22%2C%22bills%22:%22%22%2C%22borrowed%22:%22%22%2C%22overdraft%22:%22%22%2C%22credit%22:%22%22%2C%22tax%22:%22%22%2C%22other%22:[]}}}%2C%22calculatorFilter%22:{%22selected%22:[]}%2C%22calculationSettings%22:{%22showPension%22:false%2C%22pensionKnown%22:0%2C%22deliveryCost%22:2}%2C%22goldSilverWeightSettings%22:{%22silver%22:false%2C%22silverWeight%22:%22%22%2C%22gold%22:false%2C%22goldWeight%22:%22%22}%2C%22zakatCalculation%22:{%22selectedPension%22:%22%22}}
.nzf.org.uk/ Name: mp_23d4de74e72c46c34095a7b20db2be16_mixpanel
Value: %7B%22distinct_id%22%3A%20%2218047a0ca8623f-0b8bc5d1c899b1-1a343370-1d4c00-18047a0ca87d84%22%2C%22%24device_id%22%3A%20%2218047a0ca8623f-0b8bc5d1c899b1-1a343370-1d4c00-18047a0ca87d84%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.bing.com/ Name: MUID
Value: 3B4F63581EA46EBD3EA472D41FC76F99
.nzf.org.uk/ Name: _uetsid
Value: 0c702cc0c0c011ec9cb7a90a4973d8f1
.nzf.org.uk/ Name: _uetvid
Value: 0c706020c0c011ecbc66395fcea720b4
.nzf.org.uk/ Name: _ga
Value: GA1.3.195582403.1650469162
.nzf.org.uk/ Name: _gid
Value: GA1.3.173907133.1650469162
.nzf.org.uk/ Name: _gat_UA-74254724-1
Value: 1
.nzf.org.uk/ Name: _gat_gtag_UA_74254724_1
Value: 1
.audiencemanager.de/ Name: Nano
Value: 5d7422a9a30fbf46d19bf60c4b699f749fe43e27bdd39bf934e539a6eb8ac3f2
.nzf.org.uk/ Name: _hjSessionUser_1645303
Value: eyJpZCI6IjQ4MGM0NTY3LTM4N2UtNThjYS05YzQ5LTA3OGU3ZTM0NGJlYiIsImNyZWF0ZWQiOjE2NTA0NjkxNjE4MzcsImV4aXN0aW5nIjpmYWxzZX0=
.nzf.org.uk/ Name: _hjFirstSeen
Value: 1
secure.nzf.org.uk/ Name: _hjIncludedInSessionSample
Value: 1
.nzf.org.uk/ Name: _hjSession_1645303
Value: eyJpZCI6ImVmZTcyYTQ1LWMyZmMtNGQzYS1hMjIyLTMyMDEzYTg3MmQ0NiIsImNyZWF0ZWQiOjE2NTA0NjkxNjE4NjQsImluU2FtcGxlIjp0cnVlfQ==
.nzf.org.uk/ Name: _hjAbsoluteSessionInProgress
Value: 0
.prfct.co/ Name: pa_uid
Value: pa_PI2k8ote5sWPUsDQk
.paypal.com/ Name: ts_c
Value: vr%3D47a0cb6e1800a57038920778ffffffff%26vt%3D47a0cb6e1800a57038920778fffffffe
.adnxs.com/ Name: uuid2
Value: 187560904106213038
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: en_GB%3BGB
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY1MDQ2OTE2MjE2OCIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: targetingnodeweb
www.paypal.com/ Name: nsid
Value: s%3A2KA9rAXaDlHTlGxOav-I8IaVg0QIMeSJ.3A8cFYTJtUUDL%2F%2BvUbySM5itS7oMBRHB7g%2FHpEKWF4k
.paypal.com/ Name: l7_az
Value: dcg15.slc
.paypal.com/ Name: ts
Value: vreXpYrS%3D1745163562%26vteXpYrS%3D1650470962%26vr%3D47a0cb6e1800a57038920778ffffffff%26vt%3D47a0cb6e1800a57038920778fffffffe%26vtyp%3D
.paypalobjects.com/ Name: paypal-offers--cust
Value: null:null:null
.nzf.org.uk/ Name: _clck
Value: 1kptuh2|1|f0s|0
.nzf.org.uk/ Name: _gcl_au
Value: 1.1.1086080345.1650469162
.adnxs.com/ Name: anj
Value: dTM7k!M4/8D>6NRF']wIg2E>5<eQUM!EKw)06K+2*qF1`*bcv!%JOo9
.prfct.co/ Name: pa_twitter_ts
Value: 1650469162355
.prfct.co/ Name: pa_crosswise_ts
Value: 1650469162410
.prfct.co/ Name: pa_yahoo_ts
Value: 1650469162431
.prfct.co/ Name: pa_openx_ts
Value: 1650469162432
.prfct.co/ Name: pa_rubicon_ts
Value: 1650469162432
.prfct.co/ Name: pa_google_ts
Value: 1650469162432
.nzf.org.uk/ Name: _clsk
Value: 5433ru|1650469162505|1|1|a.clarity.ms/collect
.c.bing.com/ Name: SRM_B
Value: 3B4F63581EA46EBD3EA472D41FC76F99
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 3B4F63581EA46EBD3EA472D41FC76F99
.c.clarity.ms/ Name: ANONCHK
Value: 0
.yahoo.com/ Name: A3
Value: d=AQABBCopYGICEGAZmXF9nJGxdUoTBSKNPLsFEgEBAQF6YWJqYgAAAAAA_eMAAA&S=AQAAAlxgnJ8pQjzCGvTbOjWAirY
.doubleclick.net/ Name: IDE
Value: AHWqTUmuBJ6hJHLsI8duvkWFTNKQoxQjNvTrixegK4WqUJB-loN9cTnbpTItJppwnHA
.twitter.com/ Name: personalization_id
Value: "v1_lCGrlTZzgfMuU2YyaW0wpA=="
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z4~24fr
.nzf.org.uk/ Name: _fbp
Value: fb.2.1650469162734.1937900054
.quantserve.com/ Name: mc
Value: 6260292a-b45db-f2bfd-542ac
.nzf.org.uk/ Name: __qca
Value: P0-1244333983-1650469162691
.facebook.com/ Name: fr
Value: 079mkFNCr9dXmMq4F..BiYCkq...1.0.BiYCkq.
.addthis.com/ Name: ouid
Value: 6260292a00012b0a87ea98e6048655a4218ff908ea921c483877
.addthis.com/ Name: uid
Value: 6260292a10209492
.addthis.com/ Name: na_id
Value: 2022042015392277700458270265
.t.co/ Name: muc_ads
Value: 67e1e432-1b23-46e5-b7a4-da202b1e8b9e
.consentag.eu/ Name: bid
Value: uk-1650469163-37c1dbb8a7d44656875efeb3a0368663
secure.nzf.org.uk/ Name: __tmbid
Value: uk-1650469163-37c1dbb8a7d44656875efeb3a0368663
m.stripe.com/ Name: m
Value: f7823bc9-c10c-4077-9cbe-b690eba080515260c3
.secure.nzf.org.uk/ Name: __stripe_mid
Value: a5986b35-4f52-4be6-a382-0fd20e856f7d6e910f
.secure.nzf.org.uk/ Name: __stripe_sid
Value: 6290f337-4644-4012-9f8a-d979188e0bbec2c2ae
.ctnsnet.com/ Name: cid_bcfeccb1ef5c4235a4f35e7de5a81bb5
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clarity.ms
analytics.twitter.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.audiencemanager.de
cdn.mxpnl.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
consentag.eu
cw.addthis.com
donation-api.nzf.org.uk
fonts.googleapis.com
givematch.com
googleads.g.doubleclick.net
i.ctnsnet.com
js.stripe.com
m.stripe.com
m.stripe.network
pay.gocardless.com
pixel-geo.prfct.co
pixel.prfct.co
pixel.quantserve.com
pixel.rubiconproject.com
prf.audiencemanager.de
q.stripe.com
rules.quantcount.com
script.hotjar.com
secure.adnxs.com
secure.nzf.org.uk
secure.quantserve.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
t.paypal.com
tag.marinsm.com
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
webservices.securetrading.net
www.audiencemanager.de
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
104.244.42.195
104.244.42.5
104.45.184.134
104.75.88.126
108.157.4.19
142.250.184.226
142.250.185.226
143.204.98.102
143.204.98.3
143.204.98.33
143.204.98.82
151.101.0.176
151.101.1.21
151.101.128.65
151.101.193.35
151.101.194.133
18.156.0.31
185.33.221.13
199.232.188.157
217.27.252.167
2600:1901:0:498c::
2600:9000:2156:0:6:44e3:f8c0:93a1
2606:4700::6810:7caf
2606:4700::6811:180e
2620:116:800d:21:f916:5049:f87f:108e
2620:1ec:c11::200
2a00:1450:4001:800::2008
2a00:1450:4001:801::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:811::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.250.209.96
34.107.173.171
34.226.73.205
35.155.80.215
35.186.193.173
35.241.14.239
35.244.159.8
52.142.114.2
52.208.74.227
52.49.120.18
54.186.23.98
65.9.63.11
69.173.144.138
028a986dd20d66c3950495d957214cda50669a831b7a5c8fcb9bf94c91f861f2
040331f80c6925f9a7f18c02adeab552617602c67f5317f201cbb91fd4535dfe
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
099c454f2c8cb6a9ecffc45feff64aebc855c8cf0345027628c53168b6fd904c
0a9b757e3fa385da893ca3d5d82040e835987113003f25a68c1e6bd961d67407
0ac8efa339da3ad175a8f8c4e43f2822b2cb5e695a8e86a424b00bdfb3b468b7
1074f004ee848c690ef0de1acd47138da9e6696329be10e220cf1c63b723130b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11bd346ecd98c15006498d2764a6c42a0513015a1e7def71fac82b137b8b4492
1b8f3d676f1df1ca5867197fb16660fe565e70b9c6cd4176985a522df98e6d14
2052e6af8d4e2975ad4a5d17cc08c0b4268364a388bf3ffd55653c70c67727ef
240d6d017603ca31bb27c23b4e611dace0b2a865c0da2251b5ef6eff313cedd0
270d006a6623b6e5ef9b67d2c5ecc4b4f1b3f0815d1e9c63c9535ecdb3105e6d
28efcfa0a14a4e02d587057f45f2d35f3a33db1f6240f243a899132a88c99c4e
2a44a31792c0da1b04f7cdd8a77585dea2d17241dd1eb064a8f25b3661f775a7
2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845
3657766e1141155b83d466e8e046f0f0995aa7a9b8fae077406c29538a167ac8
3b9c69025c935ebe64f758a4ead0f2a1b4686706dbe498c6a76e75c7aedaa600
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
41d7a762154494a16bfa42fed1046981539de1ae430f0842ff3e6697fac92e4e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca61579acd1ec1731bdc065a5016742d44d3da8320a40c308147c77559cd659
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
61077d736b15e17d02e1c987d307c1dc83a541d0c5681526a2a0a8ecf46283a3
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9
6a140ecad382b75c04649ab0ae298cb68ea7e7944edc52c6abb69d6d4f0c19b0
6c805d9d73b6d9b0a1b13d6d64d585b446b69b7f89fc7ed55a3a8b824d5bcdf5
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
79b62a4a524a4adaae1a2fbbf2e5a9f95f43d31ec5733713e30efa48bbe86bf3
7a7a669b63d8ee9610a7e7dbdcd8f07710028377bd0ed45a77f5f132956ed145
7cd5baf9709fc8fb0213f086bd8b631993b9319fcfdd6979bff48df7552bdbe3
7dfc0200a3d149d4ab831f8e2ac4839cde1cc0636c38397ea01235e7a4c8b84a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f317fa917b73043e02da7e7bcc480d9175dce107c26952821cbee94e692660
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
89aa9f3b9b9ed156d219c122427f8e797c67c4030adbe4201d72030396d6b462
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
91d868341b141904700858eee35f9ab0780bf53442ae85f0d947f212fc939daf
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e7188322bd10ecbadc79aa994fede5a27cb346f86039be3da8ef46d6db296e3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a112f8f0717d42ab09edf17e6583b29dc651b7cda4b474e413a3558d0f16ad67
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4b749626aab6395c52aed1a8016aa5f6c4c8ca60cf771c0d8ce54202a53e725
a536a31a18d00aa02e97459f5cb3890b7507e3034b194c6681942526862bb223
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aab1c601178cc4bd8096aaa08aebdbf49257761c2538abe32b07502252803085
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af2032367e579e577766055afa8c55b6b7366cfc17351e8d931a120bdc761182
b82a2dd43936317fee3dc469880686b83caab009d9e71a9953f25bbe8c1b34ae
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
bc5666913625baa75c916bc632888087b074bd5cf3920050016fe4cbb2be4711
bc96cf07ec359af4cf5e1ae3c63dd1c3c080e108bb991f967a6e448d9126709f
c2df7e1e403087ed300903d95c64f61b211a80886e1014e837c67e6f89c35846
c79e95c8f0beb42eff39de18e2b84f4b14a7a0bb49ea824c6e842788d4c6cdca
ca392593c75e00c051ed4bcd19346c764262f48a3696b137c09efe2d3a1ebc8e
ca4c7b946a6ab511742bcc5362b69bdffc0b8067edf981c5ac5ad267327b5cab
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cb009c4ffa43fe240d8ac50fcd2963c3e03375cb6c0aa85a9f5b6e0937913a71
d71028e499e08e275585f8649e79a13542491f39778f55976f8e7344f485d35b
d842aa239f3c48b15c775462e18f0920578359ed61298b8a0e891444e635bc8f
da5eeb54c95a001d3020eff05d3387ecff44ee4b3d772ae45c270df75bd0e221
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
dd0aab4060ef1c321293aa501648b607c5b2123b504db705357a90b560fb855c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0e44c153e6969ff112250bc468dd4615e5f48f2b2db3e3ffabc11be9d9b6313
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09e77270d22f1bd200fb21edc30f999e3ff4fa39bb0fb46a1633028da3b1b93
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f51d5633afbc7896c9e77e0f11b5c01e4f14acfbf4cc7a63e76253b3fbf79df5
f903edbbfcb600e7739bed7ccf6bb17e4dbbe1145e2b094e0cb12d5a2dd58b8a
fa3f352f9651fb374e27030949758cba496a7e6088a3d80c7c233f70269472fb