givenow.lls.org Open in urlscan Pro
2606:4700::6812:843c Public Scan

URL: https://classy.org/give/299329/#!/donation/checkout
Title: Donar

URL: https://www.lls.org/ways-to-donate/donate-crypto
Title: here

URL: https://www.classy.org/terms/
Title: Terms of Service

URL: https://www.classy.org/terms/privacy/
Title: Privacy Policy

URL: https://www.classy.org/terms
Title: Terms of Service

URL: https://www.classy.org/terms/privacy
Title: Privacy Policy

URL: https://www.lls.org/sites/default/files/2021-08/Donate-by-mail-form-8-21.pdf
Title: mail

URL: https://www.charitynavigator.org/index.cfm?bay=search.summary\u0026amp;orgid=3993

URL: https://www.guidestar.org/profile/13-5644916

URL: https://greatnonprofits.org/org/the-leukemia-lymphoma-society

URL: https://www.charitywatch.org/charities/leukemia-lymphoma-society

URL: https://www.lls.org/article/refund-policy?_ga=2.131356364.2115204755.1657652971-145610482.1654635694
Title: Refund

URL: https://www.lls.org/article/privacy-policy?_ga=2.131356364.2115204755.1657652971-145610482.1654635694
Title: Privacy

URL: https://www.lls.org/article/copyright?_ga=2.124539465.2115204755.1657652971-145610482.1654635694
Title: Copyright

URL: https://www.lls.org/article/security?_ga=2.124539465.2115204755.1657652971-145610482.1654635694
Title: Security

URL: https://www.lls.org/article/disclaimer?_ga=2.124336969.2115204755.1657652971-145610482.1654635694
Title: Disclaimer

server-13-225-78-109.fra2.r.cloudfront.net

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.e.lls.org/?qs=86442b2f565311ffd9ad643424a0f56018af8b92304384daf409b01136f75d16abffe153f2db8ecd40c1ea357badb56f0c1e4d15174714fb020a5ef99c09caab HTTP 302
https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://givenow.lls.org/ HTTP 301
https://givenow.lls.org/give/342076/

Request Chain 87

https://app.five9.com/consoles/SocialWidget/five9-social-widget.css?_=1669738014985 HTTP 302
https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1669738014985

Request Chain 151

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=allpg;cat=allpgst;ord=1068280956259;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980 HTTP 302
https://8977078.fls.doubleclick.net/activityi;dc_pre=CIzereri0_sCFRZLkQUdnLQIeQ;src=8977078;type=allpg;cat=allpgst;ord=1068280956259;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980

Request Chain 152

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=allpg;cat=allpgun;ord=1;num=111389849262;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980 HTTP 302
https://8977078.fls.doubleclick.net/activityi;dc_pre=CNDfreri0_sCFWdLkQUdBAACOw;src=8977078;type=allpg;cat=allpgun;ord=1;num=111389849262;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980

Request Chain 162

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3DD69E3ACC-C6D4-0564-6CFA-50FDE3A78112&cb=57399951316813530 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3DD69E3ACC-C6D4-0564-6CFA-50FDE3A78112&cb=57399951316813530&dcc=t

Request Chain 168

https://secure.adnxs.com/px?id=823220&seg=8043408&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu1%3D[u1]%26pixel_id%3D823220%26uid%3D%24%7BUID%7D&t=2&gtmcb=899841000 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D823220%26seg%3D8043408%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253Fu1%253D%5Bu1%5D%2526pixel_id%253D823220%2526uid%253D%2524%257BUID%257D%26t%3D2%26gtmcb%3D899841000 HTTP 302
https://pixel.mediaiqdigital.com/pixel?u1=[u1]&pixel_id=823220&uid=8611575582870771978

Request Chain 204

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=app_star;cat=donatest;ord=1;num=3874030588341;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980 HTTP 302
https://8977078.fls.doubleclick.net/activityi;dc_pre=CJLsturi0_sCFdZBkQUdscAOxw;src=8977078;type=app_star;cat=donatest;ord=1;num=3874030588341;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980

Request Chain 206

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3D06787E10-5A17-6174-3CE8-F95746AEC685&cb=206663958798874340 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3D06787E10-5A17-6174-3CE8-F95746AEC685&cb=206663958798874340&dcc=t

Request Chain 219

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3510324&time=1669738015898&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980%23!%2Fdonation%2Fcheckout HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3510324%26time%3D1669738015898%26url%3Dhttps%253A%252F%252Fgivenow.lls.org%252Fgive%252F342076%252F%253Futm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253DGiving%252BTuesday%252B7AM_20221128_Event%2526utm_id%253D317235%2526sfmc_id%253D320353980%2523%2521%252Fdonation%252Fcheckout%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3510324&time=1669738015898&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980%23%21%2Fdonation%2Fcheckout&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3510324&time=1669738015898&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980%23%21%2Fdonation%2Fcheckout&liSync=true&e_ipv6=AQL7QCY9oXNcvAAAAYTEJC4dfVkHGv1z6i9zkU_9DXWtd1BRlNay-dLCrP59kKrObDfzyZ4W

Request Chain 234

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/779965559/?random=1365852494&cv=11&fst=1669738015640&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=1790789906.1669738016&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Hy6GY7KCLpfLmLAPzbW9yAU&sscte=1&crd=&eitems=ChAIgPiWnAYQn5SI486wrZALEh0AAfrV4V5TB-sYCGknZT7AtCz9y45JC0PG8JEGNQ&pscrd=Ek9DaEVJZ1BpV25BWVFsSkRwXzVPbHotVC1BUkltQUItc1RMdTN1VVhUOGRXcjlEMk5VOFlJYlZOcmh4V2hlSUFMUkNPMTJQQllKMEc0T1c4GlpDaEVJZ1BpV25BWVFyY3J6ck9DSnBNN2xBUkl1QUl1MU5scmlITWJFOWhzaTUtNHdrNy1CQU9TR1QxeUFYYUNnZU15M0RYZzBkYVJfa2x5eWZ3V05pZVd0WXc HTTP 302
https://www.google.com/pagead/1p-conversion/779965559/?random=1365852494&cv=11&fst=1669738015640&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=1790789906.1669738016&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1BpV25BWVFsSkRwXzVPbHotVC1BUkltQUItc1RMdTN1VVhUOGRXcjlEMk5VOFlJYlZOcmh4V2hlSUFMUkNPMTJQQllKMEc0T1c4GlpDaEVJZ1BpV25BWVFyY3J6ck9DSnBNN2xBUkl1QUl1MU5scmlITWJFOWhzaTUtNHdrNy1CQU9TR1QxeUFYYUNnZU15M0RYZzBkYVJfa2x5eWZ3V05pZVd0WXc&is_vtc=1&ocp_id=Hy6GY7KCLpfLmLAPzbW9yAU&cid=CAQSKQDq26N9xacCCsVGIDO_lRcLuH0feqkKv21Sbs5LvAajVC8WtKQ7qLV_IBM&eitems=ChAIgPiWnAYQn5SI486wrZALEh0AAfrV4fPbNVF9O5ulM3rdTjkdH-8CtzZ4e6HhoQ&random=1886257296 HTTP 302
https://www.google.de/pagead/1p-conversion/779965559/?random=1365852494&cv=11&fst=1669738015640&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=1790789906.1669738016&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1BpV25BWVFsSkRwXzVPbHotVC1BUkltQUItc1RMdTN1VVhUOGRXcjlEMk5VOFlJYlZOcmh4V2hlSUFMUkNPMTJQQllKMEc0T1c4GlpDaEVJZ1BpV25BWVFyY3J6ck9DSnBNN2xBUkl1QUl1MU5scmlITWJFOWhzaTUtNHdrNy1CQU9TR1QxeUFYYUNnZU15M0RYZzBkYVJfa2x5eWZ3V05pZVd0WXc&is_vtc=1&ocp_id=Hy6GY7KCLpfLmLAPzbW9yAU&cid=CAQSKQDq26N9xacCCsVGIDO_lRcLuH0feqkKv21Sbs5LvAajVC8WtKQ7qLV_IBM&eitems=ChAIgPiWnAYQn5SI486wrZALEh0AAfrV4fPbNVF9O5ulM3rdTjkdH-8CtzZ4e6HhoQ&random=1886257296&ipr=y&prhg=0&ezwbk=AZuM4hAM3hN-I9n31fVMCzF5HiAqaRRYrsOv-s10P4MPkZWaC7PiMJE1S9R23ozT_UHba7GiGaGjfdvdQoHXstZXrK1H

Request Chain 236

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=378775201&cv=11&fst=1669738015646&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=1790789906.1669738016&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Hy6GY8OFLtO2mLAPhLuu0A4&sscte=1&crd=&eitems=ChAIgPiWnAYQn5SI486wrZALEh0AAfrV4c2doVYMCEG1PEsPf2JKcPXO7JnhAYu-pg&pscrd=Ek9DaEVJZ1BpV25BWVFsSkRwXzVPbHotVC1BUkltQUItc1RMdTN1VVhUOGRXcjlEMk5VOFlJYlZOcmh4V2hlSUFMUkNPMTJQQllKMEc0T1c4GlpDaEVJZ1BpV25BWVFyY3J6ck9DSnBNN2xBUkl1QUl1MU5scEUzUGF6OHBHYnZ0YVNveGVPUnllMno5V2V1MXp2TFNWTjJMbkt2akU3Y2pHamloNGJxaUZ2YVE HTTP 302
https://www.google.com/pagead/1p-conversion/1070099938/?random=378775201&cv=11&fst=1669738015646&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=1790789906.1669738016&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1BpV25BWVFsSkRwXzVPbHotVC1BUkltQUItc1RMdTN1VVhUOGRXcjlEMk5VOFlJYlZOcmh4V2hlSUFMUkNPMTJQQllKMEc0T1c4GlpDaEVJZ1BpV25BWVFyY3J6ck9DSnBNN2xBUkl1QUl1MU5scEUzUGF6OHBHYnZ0YVNveGVPUnllMno5V2V1MXp2TFNWTjJMbkt2akU3Y2pHamloNGJxaUZ2YVE&is_vtc=1&ocp_id=Hy6GY8OFLtO2mLAPhLuu0A4&cid=CAQSKQDq26N9HedbiqMXGRnEJLnAy2-4qF9iPurLF61LQ8ggOE7iNRwFSlzDIBM&eitems=ChAIgPiWnAYQn5SI486wrZALEh0AAfrV4b7hilLKkSa7wigca9igkltysKQhLymZ7g&random=3037618859 HTTP 302
https://www.google.de/pagead/1p-conversion/1070099938/?random=378775201&cv=11&fst=1669738015646&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=1790789906.1669738016&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1BpV25BWVFsSkRwXzVPbHotVC1BUkltQUItc1RMdTN1VVhUOGRXcjlEMk5VOFlJYlZOcmh4V2hlSUFMUkNPMTJQQllKMEc0T1c4GlpDaEVJZ1BpV25BWVFyY3J6ck9DSnBNN2xBUkl1QUl1MU5scEUzUGF6OHBHYnZ0YVNveGVPUnllMno5V2V1MXp2TFNWTjJMbkt2akU3Y2pHamloNGJxaUZ2YVE&is_vtc=1&ocp_id=Hy6GY8OFLtO2mLAPhLuu0A4&cid=CAQSKQDq26N9HedbiqMXGRnEJLnAy2-4qF9iPurLF61LQ8ggOE7iNRwFSlzDIBM&eitems=ChAIgPiWnAYQn5SI486wrZALEh0AAfrV4b7hilLKkSa7wigca9igkltysKQhLymZ7g&random=3037618859&ipr=y&prhg=0&ezwbk=AZuM4hCjnb5tYtCve1_kKBCRjPzLkS-j6PUl3Hp4ZkbY5hKMc15olBp9GgG91-xN6mBPjVUGqNfd-fYv_teDGOGDdMc2

Request Chain 241

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=1914958074&cv=11&fst=1669738015845&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=1790789906.1669738016&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Hy6GY6ihOaiImLAPo6yi2Aw&sscte=1&crd=&eitems=ChAIgPiWnAYQn5SI486wrZALEh0AAfrV4YzTcxlfsdvMLuu5SLxZ1OLMQdDCOrukmQ&pscrd=Ek9DaEVJZ1BpV25BWVFsSkRwXzVPbHotVC1BUkltQUItc1RMdTN1VVhUOGRXcjlEMk5VOFlJYlZOcmh4V2hlSUFMUkNPMTJQQllKMEc0T1c4GlpDaEVJZ1BpV25BWVFyY3J6ck9DSnBNN2xBUkl1QUl1MU5sb09LTDJ0d2FodjlBcjRReUZOVXV2dTVDVUJpSHhOSDZfbm5MWUFrVjZ0VXlUczZsdGRoU3RRU0E HTTP 302
https://www.google.com/pagead/1p-conversion/1070099938/?random=1914958074&cv=11&fst=1669738015845&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=1790789906.1669738016&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1BpV25BWVFsSkRwXzVPbHotVC1BUkltQUItc1RMdTN1VVhUOGRXcjlEMk5VOFlJYlZOcmh4V2hlSUFMUkNPMTJQQllKMEc0T1c4GlpDaEVJZ1BpV25BWVFyY3J6ck9DSnBNN2xBUkl1QUl1MU5sb09LTDJ0d2FodjlBcjRReUZOVXV2dTVDVUJpSHhOSDZfbm5MWUFrVjZ0VXlUczZsdGRoU3RRU0E&is_vtc=1&ocp_id=Hy6GY6ihOaiImLAPo6yi2Aw&cid=CAQSKQDq26N9seluFGy9AtGVrsXq0ignSF-3nra947hal-z5nIxHrs3JnMieIBM&eitems=ChAIgPiWnAYQn5SI486wrZALEh0AAfrV4cOuv-AI1LMFQZllaxkBflte7ThY3xJt4g&random=2371436365 HTTP 302
https://www.google.de/pagead/1p-conversion/1070099938/?random=1914958074&cv=11&fst=1669738015845&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=1790789906.1669738016&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1BpV25BWVFsSkRwXzVPbHotVC1BUkltQUItc1RMdTN1VVhUOGRXcjlEMk5VOFlJYlZOcmh4V2hlSUFMUkNPMTJQQllKMEc0T1c4GlpDaEVJZ1BpV25BWVFyY3J6ck9DSnBNN2xBUkl1QUl1MU5sb09LTDJ0d2FodjlBcjRReUZOVXV2dTVDVUJpSHhOSDZfbm5MWUFrVjZ0VXlUczZsdGRoU3RRU0E&is_vtc=1&ocp_id=Hy6GY6ihOaiImLAPo6yi2Aw&cid=CAQSKQDq26N9seluFGy9AtGVrsXq0ignSF-3nra947hal-z5nIxHrs3JnMieIBM&eitems=ChAIgPiWnAYQn5SI486wrZALEh0AAfrV4cOuv-AI1LMFQZllaxkBflte7ThY3xJt4g&random=2371436365&ipr=y&prhg=0&ezwbk=AZuM4hCp7VygfGjlYWYS8p9BtS47wG0fqe6GhXo1GDlP_3y3GYHqNPb6xX_XgOR4y8ABs7itOTc-p56axqBgxqPxT8u0

Request Chain 291

https://ib.adnxs.com/setuid/a9?entity=188&code=3tpV4ZUkTZOVWVUS0x-tEw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=3tpV4ZUkTZOVWVUS0x-tEw

Request Chain 293

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=217293104350002731658&ex=neustar.biz

Request Chain 294

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=PB7D7BkmQ6a52TFMgzSKQg&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=PB7D7BkmQ6a52TFMgzSKQg&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y4YuII6zdAPDFH.S0tIn1AAA

Request Chain 295

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=444d8a02bf0e19b3f37d57f39b33f305

Request Chain 296

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 297

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=Hyna67eTRd6svj7zhN84AA HTTP 302
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=Hyna67eTRd6svj7zhN84AA&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=Hyna67eTRd6svj7zhN84AA

Request Chain 298

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=a8592466-1d3d-47f8-8244-928e11541beb

Request Chain 301

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=45e3c1027e4cb8e2254d3b047ff30&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 302

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 304

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8a2070d3-2132-44e5-8391-dbe11f1411c3&ex=improvedigital.com

Request Chain 307

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=105e42ab434cacb51

Request Chain 308

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GOc8mxBOShaUDnpIJjZd_w&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GOc8mxBOShaUDnpIJjZd_w

Request Chain 309

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=SFc4QvEKQzCnWvqFMwdY9Q&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=45e3c1027e4cb8e2254d3b047ff30&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=SFc4QvEKQzCnWvqFMwdY9Q

Request Chain 310

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=lMJaRW0qRGKLhfNEnM6QKw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=lMJaRW0qRGKLhfNEnM6QKw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=63944355847050563604314244810027379841

Request Chain 311

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=n0d4jC4eSfCqCPCachoDSw HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10809976114326577410&gdpr=&gdpr_consent=

Request Chain 313

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=2773454147823996525

Request Chain 314

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=d94305c5-6fff-11ed-84f5-1fe3cd8f0106 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=d9430572-6fff-11ed-84f5-1fe3cd8f0106

Request Chain 315

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22107c15db-d52a-4f4b-a27a-d55d45165dee%22,%22Time%22:%2220221129T160657.027255%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=107c15db-d52a-4f4b-a27a-d55d45165dee

Request Chain 316

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEHZM16zVCLnSRyKQAIFPBKU&google_cver=1

Request Chain 318

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=3b94637f1892af4b0e01029343bf18bf

Request Chain 320

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KtQZEN6HPnuzRjymq7dJ4Tc4ZMY4ZgIC

Request Chain 322

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=D53EAD9E5417041D

Request Chain 323

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8611575582870771978&ex=appnexus.com

Request Chain 324

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=hZZSbxxcQPWcR4vD9xNFwQ&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=hZZSbxxcQPWcR4vD9xNFwQ

Request Chain 325

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=efzmP3tgED9YpAt9IBNPPQ&ex=rubiconproject.com&status=ok

Request Chain 326

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=6ifdHy6NTJGfcfbqKpPwqw& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 328

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=AC8F4F2D212E86634431F72C020EBC48

Request Chain 329

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=38e5fc0bcf60d031d25da5bc52d6a9899a0ddb04dc7c46d6ea077fd0eb9019c8

Request Chain 330

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=8975B3F5-BC2C-4D90-ABE6-24093E185BD1

Request Chain 331

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=87813b67-1025-40ee-8ca6-df0434b8397e-tucta7fb3a1

Request Chain 332

https://ib.adnxs.com/setuid/a9?entity=188&code=YomVGO-9TaKlTwm11HQmKg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=YomVGO-9TaKlTwm11HQmKg

Request Chain 334

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=217293104350002731658&ex=neustar.biz

Request Chain 335

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=3jnuvjQUSvOAwkN7cF24uA&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=3jnuvjQUSvOAwkN7cF24uA&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y4YuII6zdAPDFH.S0tIn1AAA

Request Chain 336

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=444d8a02bf0e19b3f37d57f39b33f305

Request Chain 337

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 338

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=FvMZPGhNSfyL4xKDNdMD9A HTTP 302
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=FvMZPGhNSfyL4xKDNdMD9A&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=FvMZPGhNSfyL4xKDNdMD9A

Request Chain 339

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=a7f2a3ae-ac59-4b86-ab84-c74a1fa9145b

Request Chain 342

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=ddaa6c433477e91e60f5ab4a68a08343&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 343

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 345

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8a2070d3-2132-44e5-8391-dbe11f1411c3&ex=improvedigital.com

Request Chain 348

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=105e42ab433544b2d

Request Chain 349

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=A1_Nban3RTGtxVxbouMg-g&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=A1_Nban3RTGtxVxbouMg-g

Request Chain 350

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=bbZ7TkKjSeuQKWV59glaaQ&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=45e3c1027e4cb8e2254d3b047ff30&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=bbZ7TkKjSeuQKWV59glaaQ

Request Chain 351

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=scPKSJIhRm2y5WX_kZyeiQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=scPKSJIhRm2y5WX_kZyeiQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=56711795792143501064382959343920962363

Request Chain 352

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=oL1CGFg-SzaNMsNrn3LdKg HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10813353813908438736&gdpr=&gdpr_consent=

Request Chain 354

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4786846686676583764

Request Chain 355

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=d942f222-6fff-11ed-9bff-19bfd3920506 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=d942f1de-6fff-11ed-9bff-19bfd3920506

Request Chain 356

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%227d5fb147-cf9e-4357-9df7-e27c861b8b50%22,%22Time%22:%2220221129T160657.024387%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=7d5fb147-cf9e-4357-9df7-e27c861b8b50

Request Chain 357

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEHZM16zVCLnSRyKQAIFPBKU&google_cver=1

Request Chain 359

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=a7efc567a03d41d627d8c95977744654

Request Chain 361

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KtQZEN6HPnuzRjymq7dJ4Tc4ZMY4ZgIC

Request Chain 363

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=28E6696C7F000367

Request Chain 364

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8611575582870771978&ex=appnexus.com

Request Chain 365

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=jxjr_QhuSkCu0yvqQXAKJQ&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=jxjr_QhuSkCu0yvqQXAKJQ

Request Chain 366

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=pkZJ1FxXuzfoNyoPFL5-McWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Request Chain 367

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=HdKNjdqcS3es-CbjSPPMvw& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 369

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=AC8F4F2D212E866341311432021D5B52

Request Chain 370

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=38e5fc0bcf60d031d25da5bc52d6a9899a0ddb04dc7c46d6ea077fd0eb9019c8

Request Chain 371

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=41EB4D91-A54A-46F0-BCA5-6CCCD1B11463

Request Chain 372

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=c5a0eff4-7a6e-4e6c-bde7-e460d1151226-tucta7fb3a1

376 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
givenow.lls.org/give/342076/
Redirect Chain

http://click.e.lls.org/?qs=86442b2f565311ffd9ad643424a0f56018af8b92304384daf409b01136f75d16abffe153f2db8ecd40c1ea357badb56f0c1e4d15174714fb020a5ef99c09caab
https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

576 KB
58 KB

1039ms
981ms

Document
text/html

2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a551ff17e71ea12268a840e9e895b4ee0d1b671d5aa4e4bc8d01cac11552ca5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 771c97cddb6391ed-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 16:06:52 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 301
Content-Type: text/html; charset=utf-8
Date: Tue, 29 Nov 2022 16:06:51 GMT
Location: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980#!/donation/checkout

GET
H2 200 main.css
prod-frs.content.classy.org/prod/17519/static/frs/ 1 MB
141 KB 207ms
125ms Stylesheet
text/css 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17519/static/frs/main.css

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be21bfd5caa326d6867d8007cd47a4608290f548c91c82fa79841fb6db8f3a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: WPH1VFZ3CCNBTJC8
age: 54807
cf-polished: origSize=1111058
x-amz-id-2: wsISIXW9ebOJAsEz1fxKKbX3OW64pkQFa13r8zQqt8jac29WXItXOObKAi+jWpZxGarlm5LyARI=
cf-bgj: minify
last-modified: Mon, 21 Nov 2022 23:57:43 GMT
server: cloudflare
etag: W/"eed0ab4b6e05fcb1694897be46e35ced"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 771c97d51b0168f2-FRA

GET
H2 200 ddplugin.css
doublethedonation.com/api/css/ 148 KB
20 KB 287ms
89ms Stylesheet
text/css 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/css/ddplugin.css
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: f29284391b13047f31dca4a8517dbad440d7c6172031241515f30b4527c4a3cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:53 GMT
content-encoding: br
last-modified: Tue, 22 Nov 2022 06:11:31 GMT
server: nginx
etag: "637c6813-50af"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=600;
content-length: 20655

GET
H2 200 rocket-loader.min.js Show response
givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 25ms
24ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 22 Nov 2022 13:35:09 GMT
server: cloudflare
content-encoding: gzip
etag: W/"637cd00d-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 771c97d65c7391ed-FRA
expires: Thu, 01 Dec 2022 16:06:53 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 145ms
106ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://givenow.lls.org/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:53 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 771c97d689b39150-FRA

GET
H2 200 onetrustConsent-1539020710655.js Show response
prod-frs.content.classy.org/prod/17519/static/onetrust/ 50 KB
12 KB 50ms
46ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17519/static/onetrust/onetrustConsent-1539020710655.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 6SCJW87E7S3GMX5Y
age: 54260
cf-polished: origSize=54583
x-amz-id-2: LDRmEyR1QpIBapGy8ah/iUE8n7NM95c+5j8BHfrySgNw0uX64+/VM3RQ65kbUnQ9bgCG0neZJMg=
cf-bgj: minify
last-modified: Mon, 21 Nov 2022 23:57:43 GMT
server: cloudflare
etag: W/"64c3a4446a1c238c4df7f2db78163772"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 771c97d6ff7468f2-FRA

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ 17 KB
5 KB 504ms
123ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9e6ee5d369e4fea8821fd34d180c466fbf6bb9ca6a91f1488edc024bd6a2c4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 16:06:53 GMT
last-modified: Tue, 01 Nov 2022 16:22:24 GMT
etag: "0e0ec1feeed81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4497
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 7 KB
3 KB 67ms
46ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 26634216
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FT89WF24FJXFMVDSB49CF2ZM
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 771c97d71fc69293-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/17519/static/frs/donation/ 182 KB
37 KB 70ms
67ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17519/static/frs/donation/module.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e592845cc688496e009852d38a102f9765e6bd0de45eef6b777b6ec824d7f7db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 23:57:43 GMT
server: cloudflare
x-amz-request-id: WPHER8NCG144EN3S
age: 54798
etag: W/"f55d1e3634139f81e066820406694af7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 771c97d6ff7968f2-FRA
x-amz-id-2: 65YhqSAzcrm9GtwdaYpMwY5WK+jO2GnVQOvCJ52xUH0czvdrPAmQmXhxzspALPbh/1ELrWy0iAU=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/17519/static/global/ 2 MB
366 KB 61ms
58ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17519/static/global/module.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88dbb4b8e1129e9ac92832b7c33b5ef4cdf6b4b5dce49d4b9e045ad6367fc63a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 23:57:43 GMT
server: cloudflare
x-amz-request-id: HJVSSRBMBR4M2BFM
age: 54816
etag: W/"49404997da4a909038a1c50bd079627e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 771c97d6ff7e68f2-FRA
x-amz-id-2: fR8S65/eTMZ+bcJbuFW3nz5gZ2mBqXOxhkG06Ynj0nTAdRQnHfIVfungvvMRCIzqhFpHL6omke0=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/17519/static/global/ 1 MB
430 KB 76ms
73ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17519/static/global/libs.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 23:57:43 GMT
server: cloudflare
x-amz-request-id: HJVQA9K9SB063PKC
age: 54816
etag: W/"772e1301b871cc2545926cb86ee5965f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 771c97d6ff8368f2-FRA
x-amz-id-2: k6zQ3NqV0gtCHUzTkjDX+7+fKkJDNlZM1LpRofq+c4C4EVrMsc7QCKnHIyLFG09N+QQdJMa1wkQ=

GET
H2 200 braintree.js Show response
js.braintreegateway.com/v2/ 175 KB
50 KB 102ms
14ms Script
application/javascript 13.225.78.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/v2/braintree.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2f57fab97c15bf3519176fcd494f12d36d24ca3d761a787a1e66a1058bc6b30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
date: Tue, 29 Nov 2022 14:50:17 GMT
last-modified: Thu, 17 Nov 2022 19:59:54 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
age: 4710
etag: W/"637692ba-2bc3c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: SDR5scl0H_MdY-mIbEZEwdxHWVBZjrSzcQbQLdYlTxxIpcO0W_aqrg==
expires: Wed, 30 Nov 2022 14:48:23 GMT

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 107 KB
37 KB 111ms
32ms Script
application/javascript 13.32.121.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9769bc693b421a55220ada1d37532abce9a4aeff6aea7a3a3f941ecd45f57659

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: LVN4T4QU1NOgUMhjSxOM3eZnd2iyaaL2
content-encoding: gzip
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
date: Tue, 29 Nov 2022 00:25:22 GMT
x-amz-request-id: 6GS7EJZP0CWTAWXA
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
age: 56868
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: aa1O9IJZ2CecGHCZWB+ZZrmXgqmrjaFkfxu1x8sMPpCOWPvzGJXVCJFoOQJxHPWbWE4zpSJjHmY=
last-modified: Wed, 23 Nov 2022 21:27:14 GMT
server: AmazonS3
etag: W/"6ce30dbc0724812a91def1b44cb406b8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: MuTa3nkrLwWFsU-hWftcMO7_hG9Nv_BResXgYLqfrksT8dS3su-jDA==

GET
H2 200 / Show response
js.stripe.com/v3/ 398 KB
96 KB 36ms
6ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0867efe4ab18c35f3ea7591f9eee0ebbb8631a6e65f7287104d1f8eef992d9ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 16:06:53 GMT
via: 1.1 varnish
age: 44
x-cache: HIT
content-length: 97906
x-request-id: c3c0e66d-3c64-4546-933f-db270227d38c
x-served-by: cache-hhn4054-HHN
last-modified: Tue, 22 Nov 2022 04:35:54 GMT
server: Fastly
etag: "0811280c436e51c657484d591864732e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 65

GET
H2 200 20864580600.js Show response
cdn.optimizely.com/js/ 406 KB
111 KB 242ms
132ms Script
text/javascript 2a02:26f0:4700:187::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/20864580600.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:187::13b8 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

70f31684a6b01b6a05fe50fa69d5605a0000b22d41fc687a7eb1abd72883fecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: zytuG5fTULdgmQvdOlvszMWHQQbX3NZn
content-encoding: gzip
date: Tue, 29 Nov 2022 16:06:53 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: 0J6J329TQ6F3SXH2
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 2727
x-amz-replication-status: PENDING
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="43";dur=0,cdnip;desc="2a02:26f0:4700:187::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
content-length: 112212
x-amz-id-2: GCLyvW5oG2GHv/dU1MpxDd9rTxbZpfjPzaEokITre0wsYmmp4K7pU5FE7LaC0ifB/ychWEMf+5g=
last-modified: Fri, 18 Nov 2022 23:26:17 GMT
server: AmazonS3
etag: "18916bbba033a10f9052da6641d8552f"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 ddplugin.js Show response
doublethedonation.com/api/js/ 429 KB
92 KB 93ms
91ms Script
text/javascript 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/js/ddplugin.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 15f32bfb490570a4348d5a62b1c5964c1a3312074b7e786c8495ffee45dcab9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:53 GMT
content-encoding: br
last-modified: Tue, 22 Nov 2022 06:11:29 GMT
server: nginx
etag: "637c6811-16cf2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=600;
content-length: 93426

GET
H2 200 a20864580600.html Show response
a20864580600.cdn.optimizely.com/client_storage/ Frame 8E27 2 KB
1 KB 174ms
124ms Document
text/html 184.24.5.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a20864580600.cdn.optimizely.com/client_storage/a20864580600.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.5.146 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-5-146.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

122234eb17cf7da0f0904da344db24a085b1a6a1fc92a5b2f32c16e164dd835e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 976
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 16:06:53 GMT
etag: "46a055aa33e6855b724c13ba73e5b416"
last-modified: Fri, 18 Nov 2022 23:26:07 GMT
server: AmazonS3
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="184.24.5.146";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-amz-id-2: 5jg2UEv/a3Px7w3Q9xPie8kZ38bl9EabyFfgMtuFFacRCc8pblToyIfkTkgbpYAkBcJKwykVvJ8=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: FHFFHS91K1EB6SFW
x-amz-server-side-encryption: AES256
x-amz-version-id: D9lRV6xsljUxuDQ7s1lRN5jIm48QPDOM

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
38ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 15:24:43 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2530
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 29 Nov 2022 17:24:43 GMT

GET
H2 200 heap-1566116007.js Show response
cdn.heapanalytics.com/js/ 119 KB
120 KB 36ms
9ms Script
application/javascript 13.32.121.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1566116007.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-85.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

47dd9fed7744b32b474b942ee7dcdc360ff12d4504bdde0b88b4be15e29c85ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P1
age: 24
etag: W/"1dd19-axamJNTA35zdB6nsYId/eA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
content-length: 122137
x-amz-cf-id: 4k68G5j8ife8ZcEovE0ycQCpUyu96BqhKybH0X7Uk8KCTZeWRNDTag==

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 260ms
173ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://givenow.lls.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 29 Nov 2022 16:06:54 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 174ms
173ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Referer: https://givenow.lls.org/
Bugsnag-Sent-At: 2022-11-29T16:06:53.927Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 29 Nov 2022 16:06:54 GMT
via: 1.1 google
bugsnag-session-uuid: 78170753-d5c9-40ac-b41e-5ae5fb4954e3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 906 KB
51 KB 227ms
145ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGKK4PM

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a1d5f9758620ebf2dcdba3beaf500fa754f98ab77da98a73bf9a4e4030b3092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52044
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Nov 2022 16:06:54 GMT

GET
H2 200 sdk.js Show response
givenow.lls.org/sso/ 21 KB
6 KB 532ms
531ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/sso/sdk.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

8040ffcde69d17a00a842c01c1c872ab513ebb920c6a74033f852180226178d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 29 Nov 2022 15:40:02 GMT
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 771c97db2e5391ed-FRA
expires: Tue, 29 Nov 2022 16:26:54 GMT

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1439/ 0
43 KB 8ms
7ms Other
application/javascript 13.32.121.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1439/link-dynamic-loader.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: dym.DR0WDP8b6t465ggdIFN0607y_Ihl
content-encoding: gzip
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
date: Mon, 28 Nov 2022 21:56:48 GMT
x-amz-cf-pop: FRA60-P1
age: 65407
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 23 Nov 2022 21:27:14 GMT
server: AmazonS3
etag: W/"12e5d5e19ddd53ed286f454dae807a84"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800
x-amz-cf-id: IOcEL4tXfAOQJJGrw5T6-F3lvBLw4mdLR1APaUmkSmi2gk2lSQT4QA==

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 1D12 200 B
809 B 8ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1368113
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 16:06:54 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 908092
x-content-type-options: nosniff
x-request-id: 2dd51d3d-fea0-45dd-9a4a-6a722ba09183
x-served-by: cache-hhn4054-HHN

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
18 KB 43ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Nov 2022 16:06:54 GMT
x-amz-request-id: J0XS0XHDKAKPMSWC
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18216
x-amz-id-2: o+/Ck3SdUMwgyF0gIDjiS+lD/kfLVIfuRj/+/m7c0puT4ifesJc3SQC740QkLeRQ4UEJVR6pLjw=
x-served-by: cache-hhn4061-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1669738014.094917,VS0,VE0
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 15698

GET
H2 200 optanon.css
prod-frs.content.classy.org/prod/17519/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/ 22 KB
6 KB 33ms
32ms Stylesheet
text/css 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17519/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1YYG94F4TFS4Y4HM
age: 54260
cf-polished: origSize=22581
x-amz-id-2: EU6CoeMZYoEcMyOpa/KsdtJXC0sDEIT8cS6gcC+G6iUzHh1WIclwy3np8L5LKGE4SUDvicsf/5M=
cf-bgj: minify
last-modified: Mon, 21 Nov 2022 23:57:43 GMT
server: cloudflare
etag: W/"5ec3a032a0370bd8e3f63adf430b4617"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 771c97dbfa3e68f2-FRA

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
183 B 80ms
47ms Script
text/javascript 2606:4700::6812:1b55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery3210512196560699788_1669738013823&_=1669738013824

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 771c97dc29d0918f-FRA
content-length: 32
vary: Accept-Encoding
content-type: text/javascript

OPTIONS
H2 200 /
notify.bugsnag.com/ Frame 0
0 257ms
175ms Preflight 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://givenow.lls.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version, Bugsnag-Integrity
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 29 Nov 2022 16:06:54 GMT
via: 1.1 google

OPTIONS
H/1.1 200 available_campaigns
app.five9.com/appsvcs/rs/svc/orgs/ Frame 0
0 466ms
110ms Preflight 198.105.202.32
FIVE9

General

Check archive.org

Show headers Download Go to

Full URL

https://app.five9.com/appsvcs/rs/svc/orgs/available_campaigns?tenantName=Leukemia%20Lymphoma%20Society&campaignNames=Donation_LLSClassy_Chat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.105.202.32 , United States, ASN36776 (FIVE9, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://givenow.lls.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,X-Requested-With,Accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,X-TS-AJAX-Request,f9-transaction-id,Date,apiRouteKey,uiRouteKey,farmId
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://givenow.lls.org
Access-Control-Expose-Headers: Content-Type,X-Requested-With,Accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,X-TS-AJAX-Request,f9-transaction-id,Date,apiRouteKey,uiRouteKey,Cache-Control,Content-Language,Expires,Last-Modified,Pragma,farmId
Access-Control-Max-Age: 3600
Allow: GET, POST, PUT, DELETE, OPTIONS
Date: Tue, 29 Nov 2022 16:06:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 29ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BD) /
Resource Hash: c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 16:06:54 GMT
Content-Encoding: gzip
Age: 667
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
Content-Length: 29221
x-amzn-internal-status: 304
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
Server: ECS (frb/67BD)
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 149ms
53ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d88570992716a4ec3afa008e9e4162144e37ac9be5553ddf1ebb0f030d1b601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 29 Nov 2022 16:06:54 GMT

GET
H2 200 c.min.js Show response
cdn.c212.net/ 747 B
1 KB 73ms
22ms Script
application/javascript 2600:9000:20eb:c400:16:cfb1:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.c212.net/c.min.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:c400:16:cfb1:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:56:24 GMT
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jan 2020 19:12:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 40231
etag: "9f5634a151b9e5ecb2adec9462f783d6"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 747
x-amz-cf-id: xnGbT2hcgYZ9A3n7W_OwhpZgVquTNZ7Iust03Dk7aSOTp3dPJHk5Jg==

POST
H3 200 / Show response
notify.bugsnag.com/ 2 B
16 B 239ms
176ms XHR
text/plain 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version: 4.0
Referer: https://givenow.lls.org/
Bugsnag-Sent-At: 2022-11-29T16:06:54.288Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 29 Nov 2022 16:06:54 GMT
via: 1.1 google
bugsnag-event-id: 63862e1e00a31629908c0000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8

GET
H/1.1 200 available_campaigns Show response
app.five9.com/appsvcs/rs/svc/orgs/ 177 B
2 KB 121ms
121ms XHR
application/json 198.105.202.32
FIVE9

General

Check archive.org

Show headers Download Go to

Full URL

https://app.five9.com/appsvcs/rs/svc/orgs/available_campaigns?tenantName=Leukemia%20Lymphoma%20Society&campaignNames=Donation_LLSClassy_Chat

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.105.202.32 , United States, ASN36776 (FIVE9, US),

Reverse DNS

Software

Resource Hash

74789324cd68507e9e6c29735b3853eed72430423be72baf3d0e28f15059bd05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-type: application/json

Response headers

Date: Tue, 29 Nov 2022 16:06:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Session-Expiration-Date: Wed, 30 Nov 2022 00:06:54 GMT
X-XSS-Protection: 1
Allow: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://givenow.lls.org
Access-Control-Expose-Headers: Content-Type,X-Requested-With,Accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,X-TS-AJAX-Request,f9-transaction-id,Date,apiRouteKey,uiRouteKey,Cache-Control,Content-Language,Expires,Last-Modified,Pragma,farmId
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Content-Type: application/json
Access-Control-Allow-Headers: Content-Type,X-Requested-With,Accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,X-TS-AJAX-Request,f9-transaction-id,Date,apiRouteKey,uiRouteKey,farmId

GET
H2 200 market-data Show response
givenow.lls.org/frs-api/crypto-giving/BTC/USD/ 35 B
192 B 465ms
465ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/crypto-giving/BTC/USD/market-data

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

390db0af4b6426ef671f8d8e61df397ea5d9e9467616111fa1726c1524eaaf19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: jvdcg1ht-fDqHUuarrRYb-9dh-nmfC-ZEkEw
tracestate: 423787@nr=0-1-423787-363751183-4786f5a3f76e15be----1669738014378
traceparent: 00-9baa3d1bbfe19b631d2e7ac3fc107b81-4786f5a3f76e15be-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI0Nzg2ZjVhM2Y3NmUxNWJlIiwidHIiOiI5YmFhM2QxYmJmZTE5YjYzMWQyZTdhYzNmYzEwN2I4MSIsInRpIjoxNjY5NzM4MDE0Mzc4fX0=
Accept: application/json, text/plain, */*
csrf-token: jvdcg1ht-fDqHUuarrRYb-9dh-nmfC-ZEkEw
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"23-3mAd9pQAqOu6/idgRNGPvFauXts"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 771c97dddc1391ed-FRA
content-length: 35

GET
H2 200 tax-entities Show response
givenow.lls.org/frs-api/organizations/33874/ 397 B
328 B 230ms
229ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/organizations/33874/tax-entities

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecb8db5cce14758494b967647bf771905022f3e68363de55b7440e9f6b65615c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: jvdcg1ht-fDqHUuarrRYb-9dh-nmfC-ZEkEw
tracestate: 423787@nr=0-1-423787-363751183-c4f6c2bf22335330----1669738014379
traceparent: 00-5dce812d7afe92a7c9a4f99ccdadb899-c4f6c2bf22335330-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjNGY2YzJiZjIyMzM1MzMwIiwidHIiOiI1ZGNlODEyZDdhZmU5MmE3YzlhNGY5OWNjZGFkYjg5OSIsInRpIjoxNjY5NzM4MDE0Mzc5fX0=
Accept: application/json, text/plain, */*
csrf-token: jvdcg1ht-fDqHUuarrRYb-9dh-nmfC-ZEkEw
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"18d-JccVDYLjkX8/sTUd67MWdvg9V/M"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 771c97ddec1491ed-FRA

GET
H2 200 channels Show response
givenow.lls.org/frs-api/campaigns/342076/ 784 B
483 B 572ms
572ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/campaigns/342076/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6209385b2dff3d5c09c860be40500f80677b553033fc73754daf8f5ed86ee9dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: jvdcg1ht-fDqHUuarrRYb-9dh-nmfC-ZEkEw
tracestate: 423787@nr=0-1-423787-363751183-c34bb89753c34617----1669738014380
traceparent: 00-9fe5b1148288228555dc569f2b031813-c34bb89753c34617-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjMzRiYjg5NzUzYzM0NjE3IiwidHIiOiI5ZmU1YjExNDgyODgyMjg1NTVkYzU2OWYyYjAzMTgxMyIsInRpIjoxNjY5NzM4MDE0MzgwfX0=
Accept: application/json, text/plain, */*
csrf-token: jvdcg1ht-fDqHUuarrRYb-9dh-nmfC-ZEkEw
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"310-t1SeSvQHE73QW/sU188g5IOTEgM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 771c97ddec1791ed-FRA

GET
H2 200 ach-account-routing Show response
givenow.lls.org/frs-api/organizations/33874/ 33 B
239 B 511ms
510ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/organizations/33874/ach-account-routing

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: jvdcg1ht-fDqHUuarrRYb-9dh-nmfC-ZEkEw
tracestate: 423787@nr=0-1-423787-363751183-b0592b37b7eb9013----1669738014381
traceparent: 00-9ec26255985277b998b411415b0d06ee-b0592b37b7eb9013-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiMDU5MmIzN2I3ZWI5MDEzIiwidHIiOiI5ZWMyNjI1NTk4NTI3N2I5OThiNDExNDE1YjBkMDZlZSIsInRpIjoxNjY5NzM4MDE0MzgxfX0=
Accept: application/json, text/plain, */*
csrf-token: jvdcg1ht-fDqHUuarrRYb-9dh-nmfC-ZEkEw
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 771c97ddec1991ed-FRA
content-length: 33

GET
H2 200 braintree Show response
pay.classy.org/token/ 3 KB
3 KB 605ms
573ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/braintree?applicationId=3234&currency=USD

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e457c543a64bb79bf5c7f3425f3b89f45626e6a7aeb49b18c74988a3657d713

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: b3dba1b7-2cf6-40ec-a782-782b058fae35
cf-ray: 771c97de4dc0997b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
583 B 448ms
415ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=3234&currency=USD

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: ebc00514-5a55-48bf-a6dc-7cb7f231c740
cf-ray: 771c97de4dc3997b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 designations Show response
givenow.lls.org/frs-api/campaign/342076/ 1 KB
588 B 485ms
483ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/campaign/342076/designations?per_page=100

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4c44e38eae7e0c63c236781343dce1044c304c5866514482bb394c6086e48cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: jvdcg1ht-fDqHUuarrRYb-9dh-nmfC-ZEkEw
tracestate: 423787@nr=0-1-423787-363751183-3a210db22f51bb47----1669738014462
traceparent: 00-0d407069b47b8688dfe9e4e2278eee08-3a210db22f51bb47-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzYTIxMGRiMjJmNTFiYjQ3IiwidHIiOiIwZDQwNzA2OWI0N2I4Njg4ZGZlOWU0ZTIyNzhlZWUwOCIsInRpIjoxNjY5NzM4MDE0NDYyfX0=
Accept: application/json, text/plain, */*
csrf-token: jvdcg1ht-fDqHUuarrRYb-9dh-nmfC-ZEkEw
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"42c-U9/MOkbQU5gMR1dPYUUHWJVkndU"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 771c97de6d1691ed-FRA

GET
H2 200 designations Show response
givenow.lls.org/frs-api/campaigns/342076/ 1 KB
584 B 494ms
493ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/campaigns/342076/designations?filter=id%3D39235

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85d2f30d7a7b952bf1d098ed3089ce0042df10082532f951d48a2fa9b3cd37b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: jvdcg1ht-fDqHUuarrRYb-9dh-nmfC-ZEkEw
tracestate: 423787@nr=0-1-423787-363751183-afd8c3aa5e523614----1669738014463
traceparent: 00-cf2bfdb54c76c85c1e955caff6532acc-afd8c3aa5e523614-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhZmQ4YzNhYTVlNTIzNjE0IiwidHIiOiJjZjJiZmRiNTRjNzZjODVjMWU5NTVjYWZmNjUzMmFjYyIsInRpIjoxNjY5NzM4MDE0NDYzfX0=
Accept: application/json, text/plain, */*
csrf-token: jvdcg1ht-fDqHUuarrRYb-9dh-nmfC-ZEkEw
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"425-036EpQKrFg6xx/79merneuhS1UA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 771c97de6d1c91ed-FRA

GET
H2 200 currency-conversions Show response
givenow.lls.org/frs-api/i18n/ 75 B
199 B 479ms
479ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5afa3e13060b5113675681d2116c167c34b7a27cf9b3f6bb869ebf6f09972aa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: jvdcg1ht-fDqHUuarrRYb-9dh-nmfC-ZEkEw
tracestate: 423787@nr=0-1-423787-363751183-7ee300609cfcf142----1669738014570
traceparent: 00-8d2562827c9ae030026d247c4810ba46-7ee300609cfcf142-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3ZWUzMDA2MDljZmNmMTQyIiwidHIiOiI4ZDI1NjI4MjdjOWFlMDMwMDI2ZDI0N2M0ODEwYmE0NiIsInRpIjoxNjY5NzM4MDE0NTcwfX0=
Accept: application/json, text/plain, */*
csrf-token: jvdcg1ht-fDqHUuarrRYb-9dh-nmfC-ZEkEw
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"4b-ObOjRWWdy8ZamU3VxQp3p3QBzP8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 771c97df1e8991ed-FRA

GET
H2 200 braintree Show response
pay.classy.org/token/ 3 KB
3 KB 494ms
494ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/braintree?applicationId=3234&currency=EUR

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19aff2babf935f94b48e65afd1592fc4b61535684adfcdd312fa9efbcc0af42c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 4ad9b042-ff2d-4cd9-a37c-e4d1c99155ed
cf-ray: 771c97df1f7f997b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 user-icon.png
givenow.lls.org/static/global/images/ 2 KB
2 KB 72ms
65ms Image
image/webp 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givenow.lls.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 584798
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
content-length: 2024
last-modified: Mon, 21 Nov 2022 23:53:28 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "637c0f78-11ec"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 771c97df2ea091ed-FRA
expires: Wed, 22 Nov 2023 21:40:16 GMT

GET
H2 200 1f305074-be54-11eb-a799-0a610299dcaf.jpg
assets.classy.org/4195518/ 9 KB
9 KB 84ms
66ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/4195518/1f305074-be54-11eb-a799-0a610299dcaf.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67f8dd03c2192a5aba71380609f29b1fa5f923eea061b24760839a1fb888e54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: W6Nyba5P38GUPZGZafiQ4JSnYY_WGNW_
age: 584799
x-amz-cf-pop: FRA60-P3
cf-polished: qual=85, origFmt=jpeg, origSize=57544
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="1f305074-be54-11eb-a799-0a610299dcaf.webp"
content-length: 9186
last-modified: Wed, 26 May 2021 18:56:49 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "a7de55223120c69c682ce03b55830442"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 771c97df389168f2-FRA
x-amz-cf-id: F2mKFBZHNxyiRrtL6aHISdR7xjAHG2HyJ_yKi5AhWjFZZrV4uSQ0UQ==

GET
H2

200

/
givenow.lls.org/give/342076/
Redirect Chain

https://givenow.lls.org/
https://givenow.lls.org/give/342076/

40 KB
40 KB

835ms
834ms

Image
text/html

2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givenow.lls.org/give/342076/

Protocol

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-security-policy: frame-ancestors 'self';
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 771c97e8bb1e91ed-FRA
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 29 Nov 2022 16:06:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: https://givenow.lls.org/give/342076/#!/donation/checkout
cache-control: max-age=300
cf-ray: 771c97df2eac91ed-FRA
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK footer-logo-charity-navigator.png
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 7 KB
7 KB 355ms
127ms Image
image/png 52.217.47.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/footer-logo-charity-navigator.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.36 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 439aa6b5ecb2230ff8c9dd2d23a72ac144241362ad13d6371ecab2b3148da2fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 16:06:55 GMT
x-amz-version-id: omnJoSDO52TWSAvgBdn2GfvX3cg9OXL4
Last-Modified: Tue, 09 Nov 2021 18:16:56 GMT
Server: AmazonS3
x-amz-request-id: 6EZ7JPBBS2B7YKH4
ETag: "c2fb98aa5eb275ea5257858c8c77afd1"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 7020
x-amz-id-2: DVa4TqcWW+pEhVCjgc1ENgn824D/qgaVGiOrNffwp8ACDmiV4u1XqYygJT4YzeAQCsiubRs5bqQ=

GET
H2 200 6939026
widgets.guidestar.org/TransparencySeal/ 11 KB
4 KB 532ms
446ms Image
image/svg+xml 104.22.54.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.guidestar.org/TransparencySeal/6939026
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 60545e054ec3ed32276ff337a4775973165502a5d7420dcbe0c7c3c1e3136d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 771c97dfad8e91e7-FRA
expires: -1

GET
H/1.1 200
OK footer-logo-great-nonprofits-2021.png
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 12 KB
13 KB 362ms
134ms Image
image/png 52.217.47.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/footer-logo-great-nonprofits-2021.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.36 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3f2c92b210b89615b0bbee08b02f7fb4e28e1afb1fd6ca77ca7a89579ad9883c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 16:06:55 GMT
x-amz-version-id: P9kDPkP82g6Jb0vD6y.syn4E0q9j7gv8
Last-Modified: Tue, 09 Nov 2021 18:16:57 GMT
Server: AmazonS3
x-amz-request-id: 6EZ7T55C1AP1CFMS
ETag: "50be17cef1293e9e3c3d4d6f92242ad3"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 12565
x-amz-id-2: /Ztypg6HO0tRuOEpliY48uTPvAll3HRVcLpF5QO2q08ngi1nMtXRjlXU84CAg8stNFuT0fR0/B4=

GET
H/1.1 200
OK footer-logo-charity-watch.png
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 5 KB
6 KB 355ms
127ms Image
image/png 52.217.47.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/footer-logo-charity-watch.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.36 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cab31fc0a6902621b57ffe6afec60a97aa570de05fafda357daaeece9c29485d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 16:06:55 GMT
x-amz-version-id: 5dakYRN9oPGlaOVE0La3nx.ulcRZTuQJ
Last-Modified: Tue, 09 Nov 2021 18:16:58 GMT
Server: AmazonS3
x-amz-request-id: 6EZ5ZYDDGA2T8A7C
ETag: "728de1350ee9e91045ae257f6ae1c18e"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 5191
x-amz-id-2: V051fVnkIeMl8ENECFA9MuPyWloAW6UF7OOXhygRl6aBX5Iv5U2VMciwqPSKo4lwPA1J8/fZ+88=

GET
H2 200 logo-paypal.svg
givenow.lls.org/static/global/images/payments/ 4 KB
3 KB 76ms
69ms Image
image/svg+xml 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givenow.lls.org/static/global/images/payments/logo-paypal.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

655fc56e3d81e573cdddfd666426b797ac6031526d792ab9f4622894f7fa9031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 23:53:28 GMT
server: cloudflare
age: 266465
etag: W/"637c0f78-1042"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 771c97df2eaf91ed-FRA
expires: Sun, 26 Nov 2023 14:05:49 GMT

GET
H2 200 crypto-giving-coin-bitcoin.svg
prod-frs.content.classy.org/prod/17519/static/global/images/crypto-giving/ 1 KB
955 B 48ms
42ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17519/static/global/images/crypto-giving/crypto-giving-coin-bitcoin.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 23:57:43 GMT
server: cloudflare
x-amz-request-id: BV0BDRJRBH72RBEC
age: 54677
etag: W/"2861fb7a07b041686ba6360cf7908e28"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 771c97df286368f2-FRA
x-amz-id-2: arZKdFZG1qMeONujLGDxOk4D8obogIlqKuXsNXwck4HLr50Byq6cBFdM38WnRQm3psiVuIuDw5o=

GET
H2 200 crypto-giving-coin-ethereum.svg
prod-frs.content.classy.org/prod/17519/static/global/images/crypto-giving/ 545 B
457 B 51ms
45ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17519/static/global/images/crypto-giving/crypto-giving-coin-ethereum.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 23:57:43 GMT
server: cloudflare
x-amz-request-id: BV09CWW8G8JX1J5X
age: 54677
etag: W/"c8896ba26efa2a5d9aa1659b4aef1f00"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 771c97df286868f2-FRA
x-amz-id-2: F9ivBH7ji2XgTRuQcAfSHqxuRwxzCJmUzeYsXgr1H6X0wPNzt8eJXiWtEGb9E4z0JYAf3lwSqqQ=

GET
H2 200 crypto-giving-coin-usdc.svg
prod-frs.content.classy.org/prod/17519/static/global/images/crypto-giving/ 2 KB
1 KB 52ms
47ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17519/static/global/images/crypto-giving/crypto-giving-coin-usdc.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 23:57:43 GMT
server: cloudflare
x-amz-request-id: BV0D4Y6C9K11ZPMB
age: 36484
etag: W/"120e9a5c0d8ae8e313213cbb2284cafe"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 771c97df286b68f2-FRA
x-amz-id-2: 5KV+l2aIl+NAuSC/f/kqj/XsFXnydAHuGI+oqfbircm9AaKXjc6N6ZhJ1qk70XsZXpmQunVF9xY=

GET
H2 200 crypto-giving-arrows.svg
prod-frs.content.classy.org/prod/17519/static/global/images/crypto-giving/ 453 B
462 B 46ms
41ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17519/static/global/images/crypto-giving/crypto-giving-arrows.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 23:57:43 GMT
server: cloudflare
x-amz-request-id: BV09MEQBC0DT6MTD
age: 54677
etag: W/"332ba480e7dc5a9687ededc7c4333e80"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 771c97df286e68f2-FRA
x-amz-id-2: DYArSFCZ1J9aDHNxkXM/CepZx5VIg83ZZ/Xhu5qum46RpGXd3EPau7zolzZ4W/NLKr83f1rkWNE=

GET
H2 200 3c8bdeb6-c31a-11eb-b186-0a58a9feac02.jpg
assets.classy.org/13648750/ 13 KB
14 KB 77ms
63ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/13648750/3c8bdeb6-c31a-11eb-b186-0a58a9feac02.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a79c31734f20d5eacae6b26c81f5872b8399c074e14ba0354d5345267feb9a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-version-id: wSo0zz6gPutE85gshGqVqQ7bSquj5NNx
x-amz-cf-pop: FRA60-P3
cf-polished: qual=85, origFmt=jpeg, origSize=84713
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="3c8bdeb6-c31a-11eb-b186-0a58a9feac02.webp"
content-length: 13364
last-modified: Tue, 01 Jun 2021 20:45:02 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "c340dc2d7c1f922def64fe81bc3d0837"
vary: Accept, Accept-Encoding
content-type: image/webp
accept-ranges: bytes
cf-ray: 771c97df388f68f2-FRA
x-amz-cf-id: wKUcbu0REDemq17gKlXThGKE7xrq0mw039hISXupTwBrj7v3xbPLxQ==

GET
H2 200 4d094b2a-c31a-11eb-ae80-0ae0bdc5dec7.jpg
assets.classy.org/13648750/ 13 KB
14 KB 472ms
458ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/13648750/4d094b2a-c31a-11eb-ae80-0ae0bdc5dec7.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d4609a39b06d7bac192ff546a8302280ad2a94d92cfa5c3e740d1eabb83305f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1bcfde0e9a5967a480dbfe7b3cf03b1e.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-version-id: 8iO_YRAy3gNtS4L0jHZil7Zl4XG9Si35
x-amz-cf-pop: BOM78-P3
cf-polished: qual=85, origFmt=jpeg, origSize=86180
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="4d094b2a-c31a-11eb-ae80-0ae0bdc5dec7.webp"
content-length: 13724
last-modified: Tue, 01 Jun 2021 20:45:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "0b6c1b69c1ac841c85b4f728c23423be"
vary: Accept, Accept-Encoding
content-type: image/webp
accept-ranges: bytes
cf-ray: 771c97df389068f2-FRA
x-amz-cf-id: Pjl0IeEFqgegRuOkwPmqt1mJW8rTFSDm0-LWsm25tXDUrxNWCgXa-w==

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/17519/static/global/images/ 394 B
655 B 43ms
41ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17519/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/17519/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/17519/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: KVY4DW88W1DACFTV
age: 61040
cf-polished: origFmt=png, origSize=547
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: SUzYvPR+B0+tfY1j2rJkZlIf6CnfvwJ9WOVnm4T2BbwZwfFcv+NcBDBtaoNdSBS1BjIFJpnulAM=
cf-bgj: imgq:85,h2pri
last-modified: Mon, 21 Nov 2022 23:57:43 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
vary: Accept
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 771c97df287168f2-FRA

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/17519/static/fonts/ 65 KB
66 KB 99ms
68ms Font
binary/octet-stream 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17519/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/17519/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/17519/static/frs/main.css
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: X56YE0Y199FZ66XV
age: 45502
server-timing: cf-q-config;dur=8.000002708286e-06
content-length: 66624
x-amz-id-2: ZJXOUXxQ5JzsIH7PgnWTMlHX5bRJPc7lTmjXT0FFexNX+ol79zUfCrXkfoGOaOXw+wrtSLs438k=
last-modified: Mon, 21 Nov 2022 23:57:43 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 771c97df6ae991d8-FRA

POST
H2 204 rum Show response
givenow.lls.org/cdn-cgi/ 0
142 B 42ms
42ms XHR
text/plain 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/cdn-cgi/rum?

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-828dc060fb0d81e6----1669738014612
traceparent: 00-ea4742a54e33790002b8fea8a3c4ee32-828dc060fb0d81e6-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4MjhkYzA2MGZiMGQ4MWU2IiwidHIiOiJlYTQ3NDJhNTRlMzM3OTAwMDJiOGZlYThhM2M0ZWUzMiIsInRpIjoxNjY5NzM4MDE0NjEyfX0=
content-type: application/json
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://givenow.lls.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 771c97df5f1d91ed-FRA

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 334ms
108ms Image
image/gif 18.213.204.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=2969386687245744&v=7318175406297158&s=3439217149337594&b=web&tv=4.0&z=0&g=%23!%2Fdonation%2Fcheckout&h=%2Fgive%2F342076%2F&q=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&d=givenow.lls.org&t=The%20Leukemia%20%26%20Lymphoma%20Society&us=sfmc&um=email&ua=Giving%20Tuesday%207AM_20221128_Event&ts=1669738014064&st=1669738014614

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.213.204.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 csp-report
q.stripe.com/ Frame 1D12 0
570 B 553ms
178ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1D12 0
571 B 552ms
178ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1D12 631 B
445 B 10ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 16:06:54 GMT
via: 1.1 varnish
age: 1368112
x-cache: HIT
content-length: 332
x-request-id: 7667b55b-5b41-4d0e-b966-8e1f96580495
x-served-by: cache-hhn4054-HHN
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 804562

GET
H2 200 add_user_properties_v3
heapanalytics.com/api/ 37 B
258 B 276ms
108ms Image
image/gif 18.213.204.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/add_user_properties_v3?a=1566116007&u=2969386687245744&v=7318175406297158&s=3439217149337594&b=web&tv=4.0&_CLSY-56%20%5BLLS%5D%5BAll%20Devices%5D%20Progress%20Bar=v1%3A%20Numbered%20Progress%20Bar&st=1669738014671

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.213.204.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 160ms
48ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

923b98f388a1ed517388a42b1e51c727eb88f8aabd41146f10bbfdd150925d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Nov 2022 16:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 16:06:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Nov 2022 16:06:54 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 128ms
47ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=692545341&t=event&_s=1&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=KGDACEABBAAAACAAI~&jid=389690560&gjid=1399022064&cid=215380230.1669738014&tid=UA-3837893-1&_gid=989872035.1669738014&_r=1&_slc=1&z=982809842

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 124ms
47ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=692545341&t=event&_s=1&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=KGDACEABBAAAACAAI~&jid=282882735&gjid=517106055&cid=215380230.1669738014&tid=UA-225158-16&_gid=989872035.1669738014&_r=1&_slc=1&z=613043429

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stripe Show response
pay.classy.org/token/ 99 B
374 B 415ms
415ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripe?applicationId=3234&currency=EUR

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357e07efbbd95f94fc82e7cccdb7ae8abcb3f8902a1b57e33437d90005928ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 8f7a70d1-85f4-44d1-acbd-85bee03217fb
cf-ray: 771c97dfd948997b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 96ms
41ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=692545341&t=timing&_s=2&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20latency&utv=fresh&utl=1669738014139&utt=294&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=215380230.1669738014&tid=UA-3837893-1&_gid=989872035.1669738014&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=1083544664

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48263
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 95ms
40ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=692545341&t=timing&_s=3&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20first%20byte&utv=fresh&utl=1669738014139&utt=1275&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=215380230.1669738014&tid=UA-3837893-1&_gid=989872035.1669738014&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=1641670132

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48263
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 95ms
41ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=692545341&t=timing&_s=4&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20last%20byte&utv=fresh&utl=1669738014139&utt=1622&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=215380230.1669738014&tid=UA-3837893-1&_gid=989872035.1669738014&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=2049104311

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48263
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 95ms
41ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=692545341&t=timing&_s=5&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20document%20ready&utv=fresh&utl=1669738014139&utt=1803&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=215380230.1669738014&tid=UA-3837893-1&_gid=989872035.1669738014&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=1120741095

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48263
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 93ms
40ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=692545341&t=timing&_s=6&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20view%20rendered&utv=fresh&utl=1669738014139&utt=3164&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=215380230.1669738014&tid=UA-3837893-1&_gid=989872035.1669738014&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=765495580

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48263
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 998 B
1014 B 129ms
46ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=initRecaptcha&render=explicit

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2e737f4078803c6f7f4d94101868a8db0d2b1508a0bf801d584f98c991820ef6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 602
x-xss-protection: 1; mode=block
expires: Tue, 29 Nov 2022 16:06:54 GMT

GET
H2 200 stripe Show response
pay.classy.org/token/ 99 B
376 B 410ms
409ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripe?applicationId=3234&currency=USD

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357e07efbbd95f94fc82e7cccdb7ae8abcb3f8902a1b57e33437d90005928ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 7d750c68-faf7-43f2-a24d-50338e5d2e97
cf-ray: 771c97e04a74997b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 braintree Show response
pay.classy.org/token/ 3 KB
3 KB 328ms
328ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/braintree?applicationId=3234&currency=EUR

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

345e7915fd2e28307b0e28d1252ba89e6f04c07148701b13e92e6b815c246146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: b405dd4a-dadf-415e-b696-a04f4d37fa1f
cf-ray: 771c97e09b1d997b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 donation-sidebar-image.jpg
www.lls.org/sites/default/files/National/USA/Image/Donation_Page_Sidebar/ 67 KB
68 KB 445ms
220ms Image
image/jpeg 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lls.org/sites/default/files/National/USA/Image/Donation_Page_Sidebar/donation-sidebar-image.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

6701bae55b79a9bbd4b4157ee1f072d5144dce94c74c851a67ce126dae9eebc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

expires: Fri, 09 Dec 2022 16:02:46 GMT
date: Tue, 29 Nov 2022 16:06:55 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Fri, 25 Nov 2022 15:59:33 GMT
server: nginx
age: 345848
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 68753
x-request-id: v-9a447c82-6cda-11ed-800d-6fec3ebd4644
x-cache-hits: 15646

GET
H/1.1 200
OK Leukemia_Lymphoma_Society_Logo.jpeg
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 148 KB
148 KB 130ms
117ms Image
image/jpeg 52.217.47.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/Leukemia_Lymphoma_Society_Logo.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.36 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1cf4c3f7783acd7b95935ce797c3a7f8d9c134c81274d67dfd418e017ee90a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 16:06:55 GMT
x-amz-version-id: vgBsg7J0tLX1oMtqWQHfXALALkH7LHur
Last-Modified: Thu, 06 May 2021 19:13:59 GMT
Server: AmazonS3
x-amz-request-id: 6EZ7BRGEEVZ59JGC
ETag: "7399e1ad909ddecce04213c4985ac8b9"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 151568
x-amz-id-2: xg24W14Ybi+Iy0ZeRLstMzBds238dx9uyna7X78hrcbFkSuaxpJvtvGPvV+udHNF3cyGVE3qBwE=

GET
H/1.1 200
OK DigiCert_logo.svg.png
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 40 KB
40 KB 128ms
116ms Image
image/png 52.217.47.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/DigiCert_logo.svg.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.36 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a631a08caf61b3391f7436707f8f2808aef4caf1faf5af8785c653c56366ae96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 16:06:55 GMT
x-amz-version-id: 8yNFup.jCiiYf7q88ZxVZ0rbHTZHdMOF
Last-Modified: Fri, 28 May 2021 15:49:53 GMT
Server: AmazonS3
x-amz-request-id: 6EZC47H6C9YA5SN4
ETag: "600b5d901481a9ef521df589dfdb8d39"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 40500
x-amz-id-2: eFuIrdf145ON8Bj+bM2+64ZOclZSajyPraRjKzrLHU4QY/TQ9pKBWyLYRgDDFFJQ9UZQ9SlOezA=

GET
H2 200 lock.jpg
donate.lls.org/content360/lls/default/images/ 1 KB
2 KB 382ms
105ms Image
image/jpeg 54.80.160.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.lls.org/content360/lls/default/images/lock.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.80.160.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-80-160-115.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e6f8560c2bcfd37f2cb0aecc566f6e17a8d05f9035fa3c109435cb0b3ba4577d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

expires: Tue, 29 Nov 2022 16:26:55 GMT
date: Tue, 29 Nov 2022 16:06:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 12:44:56 GMT
server: Apache
etag: "4f4-5e801904658b3"
content-type: image/jpeg
cache-control: max-age=1200
accept-ranges: bytes
content-length: 1268
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H/1.1 200
OK credit-card.png
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 4 KB
5 KB 135ms
122ms Image
image/png 52.217.47.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/credit-card.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.36 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 653b1e7dda2ae31cadec0faef23859b36811acc21913d7eaf3f9a9da592bfb3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 16:06:55 GMT
x-amz-version-id: .pgyDGLd4uE3leTaVI6.JLkMsUQEfeW5
Last-Modified: Wed, 05 May 2021 19:54:18 GMT
Server: AmazonS3
x-amz-request-id: 6EZ0JVVPPBCX9ARG
ETag: "23302ee1bf5938d693c8395b2fec9c30"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 4447
x-amz-id-2: mvnFl7EEn3D2lyb/7xeq2jRlvh1UvTHNjL/Uz9/Q9K9iF7gPpyuL/Swv3C0SvT8L4IcGN4QqimQ=

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
258 B 109ms
108ms Image
image/gif 18.213.204.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=1566116007&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=8&st=1669738014945&hv=4.19.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.213.204.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 110ms
109ms Image
image/gif 18.213.204.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=2969386687245744&v=7318175406297158&s=3439217149337594&b=web&tv=4.0&sp=z&sp=0&sp=us&sp=sfmc&sp=um&sp=email&sp=ua&sp=Giving%20Tuesday%207AM_20221128_Event&sp=ts&sp=1669738014064&sp=d&sp=givenow.lls.org&sp=h&sp=%2Fgive%2F342076%2F&sp=t&sp=The%20Leukemia%20%26%20Lymphoma%20Society&sp=q&sp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=givenow.lls.org&pp=q&pp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&pp=h&pp=%2Fgive%2F342076%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=The%20Leukemia%20%26%20Lymphoma%20Society&pp=ts&pp=1669738014064&id0=2548408401157336&t0=click&n0=button&c0=payment-method-select-btn__cc&y0=%40section%3B.block-component%3B.ng-scope%3B%5Bdata-ng-repeat%3Dcomponent%20in%20list.components%20%20filter%3A%7Bsection%3A%27main%27%7D%20%20orderBy%3A%27order%27%5D%3B%7C%40div%3B.ng-scope%3B%5Bdata-ng-include%3Dcomponent.templateUrl%5D%3B%7C%40div%3B%23df_checkout_donation-payment%3B.donation-payment%3B.ng-scope%3B%5Baria-label%3DPayment%20Details%5D%3B%5Bdata-ng-controller%3DfrsDonationPaymentCtrl%5D%3B%7C%40div%3B%7C%40cp-payment-widget%3B.ng-isolate-scope%3B%5Bapi%3DAPI%5D%3B%5Bcurrency%3DMODEL.payment.raw_currency_code%5D%3B%5Bfee-processing%3DglobalState.feeProcessing%5D%3B%5Bhide-postal%3Dtrue%5D%3B%5Bmeta%3DMETA%5D%3B%5Bparent-model%3DMODEL%5D%3B%5Bpayment%3DMODEL.payment%5D%3B%5Bsubmit-digital-wallets%3DsubmitDigitalWallets%5D%3B%7C%40div%3B.donation-payment-method-select%3B.row%3B%5Bng-hide%3D%24ctrl.hideButtons%5D%3B%7C%40div%3B.column-md-5%3B%7C%40button%3B.payment-method-select-btn__cc%3B%5Baria-controls%3Ddonation-page_checkout_payment-form%20donation-page_checkout_payment-details%5D%3B%5Baria-expanded%3Dtrue%5D%3B%5Bdata-tracked-element%3Ddonation-page_checkout_credit-card-btn%5D%3B%5Bng-click%3D%24ctrl.showCardInputs()%5D%3B%5Btype%3Dbutton%5D%3B%7C&ts0=1669738014822&x0=CREDIT%20CARD&id1=3755707998807526&t1=click&n1=div&c1=donation-amount-recurring__btn%20once%20hover-state_one-time%20selected&y1=%40div%3B.donation-amount-recurring%3B%7C%40div%3B.donation-amount-recurring__switch%3B.ng-scope%3B.rf%3B%5Baria-label%3DSelect%20a%20donation%20frequency%5D%3B%5Bdata-ng-if%3D!%24ctrl.preventOldrfForDeque%20%26%26%20!%24ctrl.onlyReccurringFrequency(%24ctrl.frequencyLevels)%20%26%26%20%24ctrl.recurringLevels(%24ctrl.frequencyLevels).length%20%3E%200%5D%3B%5Bdata-ng-init%3D%24ctrl.showFreqDropdown()%5D%3B%5Brole%3Dradiogroup%5D%3B%7C%40div%3B.donation-amount-recurring__btn%3B.hover-state_one-time%3B.once%3B.selected%3B%5B_spec%3Done-time%5D%3B%5Bdata-ng-class%3D%7B%27selected%27%3A%20%24ctrl.frequency%20%3D%3D%3D%20%27one-time%27%7D%5D%3B%5Bdata-ng-click%3D%24ctrl.selectFrequency(%27one-time%27)%20%24ctrl.showFreqDropdown(%27one-time%27)%20%24ctrl.isRecurringFrequency(%24event)%5D%3B%5Bdata-ng-keypress%3D%24ctrl.selectFrequency(%27one-time%27%2C%24event)%20%24ctrl.isRecurringFrequency(%24event)%5D%3B%5Bdata-ng-mouseout%3D%24ctrl.hoverFrequencyStyle(%27one-time%27%2Cfalse)%5D%3B%5Bdata-ng-mouseover%3D%24ctrl.hoverFrequencyStyle(%27one-time%27%2Ctrue)%5D%3B%5Bdata-ng-style%3D%24ctrl.oneTimeBtnStyle(%27one-time%27)%5D%3B%5Btabindex%3D0%5D%3B%7C&ts1=1669738014899&x1=One%20time&id2=2783453405354950&t2=click&n2=button&c2=active-button&i2=recur-no&y2=%40section%3B.block-component%3B.ng-scope%3B%5Bdata-ng-repeat%3Dcomponent%20in%20list.components%20%20filter%3A%7Bsection%3A%27main%27%7D%20%20orderBy%3A%27order%27%5D%3B%7C%40div%3B.ng-scope%3B%5Bdata-ng-include%3Dcomponent.templateUrl%5D%3B%7C%40section%3B.donation-amount%3B.ng-scope%3B%5Bdata-ng-controller%3DfrsDonationAmountCtrl%5D%3B%7C%40donation-amount-recurring-rf%3B.ng-isolate-scope%3B.ng-scope%3B%5Bamount%3DMODEL.items0.raw_final_price%5D%3B%5Bcurrency%3DMODEL.payment.raw_currency_code%5D%3B%5Bdonation-context%3DCONTEXT%5D%3B%5Bfrequency-levels%3DDonationBlock.current%27recurring-level%27%5D%3B%5Bfrequency%3DMODEL.frequency%5D%3B%5Blevels%3Dstate.levels%5D%3B%5Bnew-amount%3DMODEL.items0.raw_final_price%5D%3B%5Bng-if%3D!preventRecurringFrequency%5D%3B%5Bpreview%3DglobalState.isPreview%5D%3B%5Bprevious-frequency-price%3DMODEL.items0.previous_frequency_price%5D%3B%5Brecur_until%3DMODEL.recur_until%5D%3B%5Brecurring-donation-levels%3Dstate.recurringDonationLevels%5D%3B%5Bsetting-page-frequency%3DMODEL.frequency%5D%3B%7C%40div%3B%23custom-recurring%3B%7C%40div%3B.recurring-buttons%3B%7C%40button%3B%23recur-no%3B.active-button%3B%5Btype%3Dbutton%5D%3B%5Bvalue%3DButton%5D%3B%7C&ts2=1669738014910&x2=No&st=1669738014948

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.213.204.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 logo-paypal.svg
givenow.lls.org/static/global/images/payments/ 4 KB
3 KB 78ms
78ms Image
image/svg+xml 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givenow.lls.org/static/global/images/payments/logo-paypal.svg

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/17519/static/global/libs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

655fc56e3d81e573cdddfd666426b797ac6031526d792ab9f4622894f7fa9031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 23:53:28 GMT
server: cloudflare
age: 266465
etag: W/"637c0f78-1042"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 771c97e17b3591ed-FRA
expires: Sun, 26 Nov 2023 14:05:49 GMT

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
360 B 484ms
109ms XHR
text/plain 52.55.12.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.12.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-12-93.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 29 Nov 2022 16:06:55 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://givenow.lls.org
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 45840e04-db7a-437d-9a1a-03b896435695

GET
H/1.1

200

five9-social-widget.css
app.five9.com/five9_clients/consoles_latest/SocialWidget/
Redirect Chain

https://app.five9.com/consoles/SocialWidget/five9-social-widget.css?_=1669738014985
https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1669738014985

5 KB
5 KB

111ms
111ms

Stylesheet
text/css

198.105.202.32
FIVE9

General

Check archive.org

Show headers Download Go to

Full URL

https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1669738014985

Protocol

HTTP/1.1

Server

198.105.202.32 , United States, ASN36776 (FIVE9, US),

Reverse DNS

Software

Resource Hash

86815552a6ac093a94dde24b65658c956fd3d91415541dc467368fbc8ebd7e8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 16:06:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Oct 2022 06:45:59 GMT
ETag: W/"4699-1666161959000"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4699
X-XSS-Protection: 1

Redirect headers

Location: /five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1669738014985
Date: Tue, 29 Nov 2022 16:06:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Length: 0
X-XSS-Protection: 1
Content-Type: text/html

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 122ms
37ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:50:20 GMT
x-content-type-options: nosniff
age: 443795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:50:20 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 180ms
97ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:50:20 GMT
x-content-type-options: nosniff
age: 443795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:50:20 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 197ms
116ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:50:20 GMT
x-content-type-options: nosniff
age: 443795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:50:20 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ 28 KB
29 KB 203ms
130ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 08:43:38 GMT
x-content-type-options: nosniff
age: 544997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 08:43:38 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 149ms
76ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:50:20 GMT
x-content-type-options: nosniff
age: 443795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:50:20 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 2F0E 930 B
1 KB 50ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 47
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 16:06:55 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 104
x-content-type-options: nosniff
x-request-id: 87a0676d-e259-4c31-bc6c-cc329c2fcbb6
x-served-by: cache-hhn4054-HHN
x-timer: S1669738015.061947,VS0,VE0

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/17519/static/global/fonts/ 42 KB
43 KB 73ms
72ms Font
application/x-font-woff 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17519/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/17519/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07ff0ba18d94ce97ff88b90e91c0ba0dca8f3a9523d0976bdc2e77dee42ada45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/17519/static/frs/main.css
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: X56VZCXV8VY8PYYY
age: 63762
server-timing: cf-q-config;dur=9.0000103227794e-06
content-length: 43184
x-amz-id-2: GTVwihCR8KAA1xcYV9Aei3HqdsNK0MYBpxpeG2jTDLH61AqokycXZm+cIoJIFcoJw52wqe6yu/E=
last-modified: Mon, 21 Nov 2022 23:57:43 GMT
server: cloudflare
etag: "506441e97a238fcb7a3ae42ce984599e"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 771c97e1d83091d8-FRA

GET
H/1.1 200
OK 67fe2a1b26 Show response
bam.nr-data.net/1/ 49 B
615 B 205ms
179ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/67fe2a1b26?a=363721230&v=1216.487a282&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=3507&ck=1&ref=https://givenow.lls.org/give/342076/&ap=423.424989&be=1799&fe=2537&dc=2534&tt=606de5b511ac166e&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669738011520,%22n%22:0,%22f%22:236,%22dn%22:237,%22dne%22:261,%22c%22:261,%22s%22:274,%22ce%22:294,%22rq%22:294,%22rp%22:1275,%22rpe%22:1622,%22dl%22:1277,%22di%22:1648,%22ds%22:1797,%22de%22:1797,%22dc%22:1797,%22l%22:1797,%22le%22:1803%7D,%22navigation%22:%7B%7D%7D&fp=3112&fcp=3112&jsonp=NREUM.setToken
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 16:06:55 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 771c97e21989693a-FRA

GET
H2 200 plugin_settings Show response
doublethedonation.com/api/v1/ 467 B
478 B 287ms
101ms XHR
application/json 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://doublethedonation.com/api/v1/plugin_settings?customer_id=OYfFVDFEbzMkus7L

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

b826cb7069e9c1a4257da822a49ff7514972bca0ef80e666a223dfcc6c40aa97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx
x-frame-options: sameorigin
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 108ms
108ms Image
image/gif 18.213.204.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=2969386687245744&v=7318175406297158&s=3439217149337594&b=web&tv=4.0&sp=z&sp=0&sp=us&sp=sfmc&sp=um&sp=email&sp=ua&sp=Giving%20Tuesday%207AM_20221128_Event&sp=ts&sp=1669738014064&sp=d&sp=givenow.lls.org&sp=h&sp=%2Fgive%2F342076%2F&sp=t&sp=The%20Leukemia%20%26%20Lymphoma%20Society&sp=q&sp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=givenow.lls.org&pp=q&pp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&pp=h&pp=%2Fgive%2F342076%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=The%20Leukemia%20%26%20Lymphoma%20Society&pp=ts&pp=1669738014064&id0=169488793815928&t0=click&n0=button&c0=form__radio-control%20checked&y0=%40div%3B.mp-sensitive%3B.ng-scope%3B%5Bdata-heap-ignore%3Dtrue%5D%3B%5Bdata-ng-if%3Dshow.customQuestions()%5D%3B%5Bdata-ng-include%3D%3A%3Atemplate(%27custom-questions%27)%5D%3B%7C%40div%3B.billing-mailing-same%3B.donation-table%3B.ng-scope%3B%5Bdata-ng-repeat%3Dquestion%20in%20list.customQuestions%5D%3B%7C%40div%3B.ng-scope%3B%5Bdata-ng-include%3D%3A%3Atemplate(%27questions%2F%27%20%2B%20question.type)%5D%3B%7C%40div%3B.donation-table_row%3B.ng-scope%3B%7C%40div%3B.donation-table_columns%3B%7C%40div%3B.donation-table_column%3B%7C%40radio-control%3B.ng-dirty%3B.ng-isolate-scope%3B.ng-not-empty%3B.ng-not-modified%3B.ng-touched%3B.ng-valid%3B.ng-valid-parse%3B.ng-valid-required%3B%5Baria-invalid%3Dfalse%5D%3B%5Bname%3Dcq_710217%5D%3B%5Bng-model-options%3D%7B%20getterSetter%3A%20true%20%7D%5D%3B%5Bng-model%3DMETA.answersquestion.id%5D%3B%5Bng-required%3Dquestion.is_required%5D%3B%5Bsc-form-error%3Dhighlight%20if%20cq_710217%20fails%5D%3B%5Bvalue%3D%27Yes%27%5D%3B%7C%40button%3B.checked%3B.form__radio-control%3B%5B_spec%3Dbutton%5D%3B%5Baria-checked%3Dtrue%5D%3B%5Baria-label%3D%5D%3B%5Bng-class%3D%7B%20checked%3A%20%24ctrl.isChecked()%20%7D%5D%3B%5Bng-click%3D%24ctrl.select()%5D%3B%5Bng-disabled%3D%24ctrl.disabled%5D%3B%5Bng-keydown%3D%24ctrl.onKeyDown(%24event)%5D%3B%5Brole%3Dradio%5D%3B%5Btabindex%3D0%5D%3B%5Btype%3Dbutton%5D%3B%7C&ts0=1669738014917&x0=Yes&id1=2642821319793214&t1=click&n1=button&c1=active-button&i1=mailing-yes&y1=%40div%3B.ng-scope%3B%5Bfrs-donation-block%3D%5D%3B%7C%40div%3B.donation-block%3B.frs-donation-block%3B.ng-scope%3B%7C%40main%3B.donation-block_main%3B%5Bdata-ng-show%3DCryptoGiving.hidden()%20%26%26%20!CryptoGiving.exclusive()%5D%3B%7C%40form%3B.donation-block_form%3B.ng-dirty%3B.ng-invalid%3B.ng-invalid-max%3B.ng-invalid-min%3B.ng-invalid-required%3B.ng-valid-email-address%3B.ng-valid-maxlength%3B.ng-valid-minlength%3B.ng-valid-parse%3B.ng-valid-pattern%3B.ng-valid-phone-number%3B%5Bdata-ng-submit%3Dsubmit()%5D%3B%5Bdata-sc-broadcast-form-errors%3D%5D%3B%5Bname%3DFORM%5D%3B%5Bnovalidate%3Dnovalidate%5D%3B%7C%40section%3B.block-component%3B.ng-scope%3B%5Bdata-ng-repeat%3Dcomponent%20in%20list.components%20%20filter%3A%7Bsection%3A%27main%27%7D%20%20orderBy%3A%27order%27%5D%3B%7C%40div%3B.ng-scope%3B%5Bdata-ng-include%3Dcomponent.templateUrl%5D%3B%7C%40div%3B%23df_checkout_donation-payment%3B.donation-payment%3B.ng-scope%3B%5Baria-label%3DPayment%20Details%5D%3B%5Bdata-ng-controller%3DfrsDonationPaymentCtrl%5D%3B%7C%40div%3B%23custom-mailing%3B%7C%40div%3B.mailing-buttons%3B%7C%40button%3B%23mailing-yes%3B.active-button%3B%5Btype%3Dbutton%5D%3B%5Bvalue%3DButton%5D%3B%7C&ts1=1669738014918&x1=Yes&id2=3299918892610302&k2=environment&k2=prod&k2=organization_id&k2=33874&k2=campaign&k2=342076&k2=campaign_type&k2=donation&k2=duplicate_fundraisers&k2=false&k2=existing_fundraiser&k2=false&k2=label&k2=Begin%20Checkout&k2=action&k2=checkout&k2=currency&k2=USD&t2=Begin%20Checkout&ts2=1669738014947&st=1669738015071

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.213.204.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-29-159-59.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
30 KB 60ms
20ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://givenow.lls.org/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
server: nginx
etag: W/"63090485-15e40"
vary: Accept-Encoding
x-hw: 1669738015.dop210.am5.t,1669738015.cds312.am5.hn,1669738015.cds012.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30957

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3837893-1&cid=215380230.1669738014&jid=389690560&gjid=1399022064&_gid=989872035.1669738014&_u=KGDACEAABAAAACAAI~&z=174747548

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Nov 2022 16:06:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-225158-16&cid=215380230.1669738014&jid=282882735&gjid=517106055&_gid=989872035.1669738014&_u=KGDACEABBAAAACAAI~&z=270528572

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Nov 2022 16:06:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 configuration Show response
api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/ 3 KB
2 KB 602ms
491ms Script
application/javascript 52.29.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2Njk4MjQ0MTQsImp0aSI6ImE1N2VmOGQ3LWU3NDAtNDY5OC1iMGQ3LTY2OTcwY2JhZmZiNyIsInN1YiI6ImNneHZ6MjR4ZGp4OTUyajciLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6ImNneHZ6MjR4ZGp4OTUyajciLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.YXpRuONANl-x4PRfCmEOybwwkXJo0bticUu8PspfcI5Fr-mhyahGvo3TPmPp9BNMGQ7eg8GC6GjeqOiQd_GG2g&callback=callback_jsona6a82159ee434ef8a09e89d6342571c1

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.29.159.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

77a62d270ef5d5edee21c6bdbc3cb9d6dfb94ee8dddddbed02f5378acfe9f5ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
Strict-Transport-Security: max-age=31536000; includeSubDomains
transfer-encoding: chunked
paypal-debug-id: 6abd2a598aa24
X-XSS-Protection: 1; mode=block
x-request-id: b323de18-2a25-48d5-aee1-9788546c5adf
x-runtime: 0.320138
referrer-policy: strict-origin-when-cross-origin
etag: W/"78c6a1fb8fbcf9453a99bad07c1ef347"
x-download-options: noopen
X-Frame-Options: SAMEORIGIN
vary: Accept, Accept-Encoding, Origin
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
X-BroxyId: b323de18-2a25-48d5-aee1-9788546c5adf

GET
H/1.1 200 configuration Show response
api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/ 3 KB
2 KB 512ms
424ms Script
application/javascript 52.29.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2Njk4MjQ0MTQsImp0aSI6IjkzMzVkMTc4LWVlYTktNDUyNi04Y2I1LTA3MDY1YmRkOWYwZCIsInN1YiI6ImNneHZ6MjR4ZGp4OTUyajciLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6ImNneHZ6MjR4ZGp4OTUyajciLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.8q8e5w_Fj8arwC_bKKXvbSBhxhEY1OK1N_OijxWKBqjDQoq-sgXHrO1h0q_0SUVFEtpau-aoYvMnXoYCe3DEOA&callback=callback_json7b5bcb31ecc8464199b15480e636a589

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.29.159.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-159-59.eu-central-1.compute.amazonaws.com

Software

Resource Hash

dafc5dfda5b84c34f0817cfc00eccabaaa2367a07b173e00197a86debc0dcbc2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
Strict-Transport-Security: max-age=31536000; includeSubDomains
transfer-encoding: chunked
paypal-debug-id: 5a3385487b0b4
X-XSS-Protection: 1; mode=block
x-request-id: 5df766a5-ff22-4db5-b902-297045647d24
x-runtime: 0.296911
referrer-policy: strict-origin-when-cross-origin
etag: W/"9c318770b9098fce7c3145fbe97dcfa3"
x-download-options: noopen
X-Frame-Options: SAMEORIGIN
vary: Accept, Accept-Encoding, Origin
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
X-BroxyId: 5df766a5-ff22-4db5-b902-297045647d24

POST
H2 200 csp-report
q.stripe.com/ Frame 2F0E 0
344 B 178ms
178ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-159-59.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
x-robots-tag: none
content-length: 0
expires: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 389 KB
101 KB 175ms
93ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PC52XK&l=dataLayer

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f66ec078757cdecb02e0114cb165512f0394b8908b651fedb04615798fc33f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103444
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Nov 2022 16:06:55 GMT

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ 28 KB
29 KB 128ms
45ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 08:43:38 GMT
x-content-type-options: nosniff
age: 544997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 08:43:38 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 126ms
44ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:50:20 GMT
x-content-type-options: nosniff
age: 443795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:50:20 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/4eb6b35d/www-widgetapi.vflset/ 161 KB
53 KB 116ms
39ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47879e9a46a232ac6fa8931b17f3dbe8a09ea02497c2394abf2e45c431b9b5ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 15:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54014
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Nov 2023 15:51:06 GMT

GET
H/1.1 200
OK widget_iframe.644279d1635fd969e87af94a98bd232b.html Show response
platform.twitter.com/widgets/ Frame 5007 320 KB
104 KB 11ms
9ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fgivenow.lls.org
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BD) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2310365
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Tue, 29 Nov 2022 16:06:55 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 controller-0ab991f8c7ab188e2ac0d18e04e20111.html Show response
js.stripe.com/v3/ Frame 2166 325 B
810 B 8ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fd46e7a7282fdd649cfcccd1c3dc801bf9b1d22df08392a58c7007c4dc391a34

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 30
cache-control: max-age=60
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 16:06:55 GMT
etag: "0ab991f8c7ab188e2ac0d18e04e20111"
last-modified: Tue, 22 Nov 2022 03:54:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 20
x-content-type-options: nosniff
x-request-id: 494f4b04-392a-483a-adde-2dcee7693a5c
x-served-by: cache-hhn4054-HHN

GET
H2 200 payment-request-inner-google-pay-6fd7315633767d82f5b4b703ef1816ff.html Show response
js.stripe.com/v3/ Frame DC2D 408 B
846 B 14ms
8ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-6fd7315633767d82f5b4b703ef1816ff.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

02683d118a5662036b12b4ac44efcd6357ed46978215f125c76d72b7bd0e8fc9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 648354
cache-control: max-age=31536000
content-encoding: br
content-length: 183
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 16:06:55 GMT
etag: "6fd7315633767d82f5b4b703ef1816ff"
last-modified: Tue, 22 Nov 2022 03:54:48 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 11850
x-content-type-options: nosniff
x-request-id: e2771367-14a2-4192-b077-2d80b6f0f640
x-served-by: cache-hhn4054-HHN

GET
H2 200 payment-request-inner-browser-2969b2892fcc42edf2e38723d9af16d0.html Show response
js.stripe.com/v3/ Frame 3029 344 B
962 B 12ms
8ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-2969b2892fcc42edf2e38723d9af16d0.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3a5066bacdf8979efea7e0f82ebce54aacbe38af7e84ba2dd898150dba62c2c5

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 36
cache-control: max-age=60
content-encoding: br
content-length: 161
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 16:06:55 GMT
etag: "2969b2892fcc42edf2e38723d9af16d0"
last-modified: Tue, 22 Nov 2022 03:54:48 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 5
x-content-type-options: nosniff
x-request-id: 9849bb0a-4c88-4432-9725-0ae6b7660f5f
x-served-by: cache-hhn4054-HHN

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 2F0E 86 KB
16 KB 11ms
9ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 29 Nov 2022 16:06:55 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 33
x-cache: HIT
content-length: 16031
x-request-id: a47f3825-91f8-429e-ba31-f7fea9fb5b9f
x-served-by: cache-hhn4054-HHN
server: Fastly
x-timer: S1669738015.211858,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 77

GET
H/1.1 200 configuration Show response
api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/ 3 KB
2 KB 319ms
303ms Script
application/javascript 52.29.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2Njk4MjQ0MTUsImp0aSI6ImNmODY4MmY4LTQ4ZGMtNDI2MC1hZjRlLTk0ODk0OGNmMGQxMiIsInN1YiI6ImNneHZ6MjR4ZGp4OTUyajciLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6ImNneHZ6MjR4ZGp4OTUyajciLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.T_5gymPwfmML3ZBo2ETF5rLQdhqL-_dAeI6MmZl9qBXTzJEPAepSdcjHxkfnHII7d5ua97ROPNJaWAOw1TdUsg&callback=callback_json77d443b9fba744348c9fd60bc0592cd3

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.29.159.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4c4418a3d6b4b7e697723804d06762632a9c54cd8a458702a139d206c27b4095

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
Strict-Transport-Security: max-age=31536000; includeSubDomains
transfer-encoding: chunked
paypal-debug-id: 5c93714ed6474
X-XSS-Protection: 1; mode=block
x-request-id: 05b25fce-3358-4da4-bbda-73857b2ee662
x-runtime: 0.180201
referrer-policy: strict-origin-when-cross-origin
etag: W/"a46f1d4238604381f72f03980da42374"
x-download-options: noopen
X-Frame-Options: SAMEORIGIN
vary: Accept, Accept-Encoding, Origin
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
X-BroxyId: 05b25fce-3358-4da4-bbda-73857b2ee662

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ 402 KB
162 KB 129ms
36ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://givenow.lls.org/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 14:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164812
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Nov 2023 14:52:51 GMT

GET
H2 200 controller-0ab991f8c7ab188e2ac0d18e04e20111.html Show response
js.stripe.com/v3/ Frame 4722 325 B
810 B 7ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fd46e7a7282fdd649cfcccd1c3dc801bf9b1d22df08392a58c7007c4dc391a34

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 30
cache-control: max-age=60
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 16:06:55 GMT
etag: "0ab991f8c7ab188e2ac0d18e04e20111"
last-modified: Tue, 22 Nov 2022 03:54:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 21
x-content-type-options: nosniff
x-request-id: e5d4ec05-21d2-4bab-a159-f8cd688199e6
x-served-by: cache-hhn4054-HHN

GET
H3 200 css Show response
fonts.googleapis.com/ 2 KB
522 B 124ms
48ms Fetch
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99d65117e41688b9531881feb247e2279238af4da263200cc264accf1e7773e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 16:06:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Nov 2022 16:06:55 GMT

GET
H2 200 elements-inner-card-180159345ce5ca40cf05560276ef12f8.html Show response
js.stripe.com/v3/ Frame 71F7 798 B
1 KB 7ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0bb4457a21983eedb423058dbba9788909de635dbdbba8f740f6f444a3800383

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 648624
cache-control: max-age=31536000
content-encoding: br
content-length: 290
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 16:06:55 GMT
etag: "180159345ce5ca40cf05560276ef12f8"
last-modified: Tue, 22 Nov 2022 03:54:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 39997
x-content-type-options: nosniff
x-request-id: e1693e1c-8259-4aec-8339-0298f5e053ba
x-served-by: cache-hhn4054-HHN

POST
H2 200 csp-report
q.stripe.com/ Frame 2166 0
570 B 177ms
177ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-f28d86407686be4d579ebbdf8fb35905.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2166 281 KB
63 KB 11ms
10ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5479443ccf1903687dd86503857e45dd69ab8a54d604125707d8217e544bcfd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 16:06:55 GMT
via: 1.1 varnish
age: 648625
x-cache: HIT
content-length: 64650
x-request-id: b5506672-9534-4aa0-92aa-a6d510c5b028
x-served-by: cache-hhn4054-HHN
last-modified: Tue, 22 Nov 2022 03:54:48 GMT
server: Fastly
etag: "989ed53e94e7ad5c1f0b32b20bfa7a62"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 111559

GET
H2 200 controller-7debbe0b3d236f89f990509f6668b469.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2166 439 KB
106 KB 10ms
9ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-7debbe0b3d236f89f990509f6668b469.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7691302dfd8de93895388bca30d87b824943fb3505bc150c311c32f4106d0d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 16:06:55 GMT
via: 1.1 varnish
age: 648625
x-cache: HIT
content-length: 108619
x-request-id: dbffc98c-9347-46b9-ab5e-f66d5d13b114
x-served-by: cache-hhn4054-HHN
last-modified: Tue, 22 Nov 2022 03:54:46 GMT
server: Fastly
etag: "a448b4cb3d20acf662dd0f764deb7a09"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 104512

POST
H2 200 csp-report
q.stripe.com/ Frame 3029 0
570 B 178ms
176ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3029 0
570 B 179ms
176ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-f28d86407686be4d579ebbdf8fb35905.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3029 281 KB
63 KB 9ms
6ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-2969b2892fcc42edf2e38723d9af16d0.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5479443ccf1903687dd86503857e45dd69ab8a54d604125707d8217e544bcfd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-2969b2892fcc42edf2e38723d9af16d0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 16:06:55 GMT
via: 1.1 varnish
age: 648625
x-cache: HIT
content-length: 64650
x-request-id: c8ac6327-6d63-4293-81c5-024ec8862f5b
x-served-by: cache-hhn4054-HHN
last-modified: Tue, 22 Nov 2022 03:54:48 GMT
server: Fastly
etag: "989ed53e94e7ad5c1f0b32b20bfa7a62"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 111560

GET
H2 200 payment-request-inner-browser-db489d3ed3c03d228ca7eae98380b4bb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3029 11 KB
4 KB 9ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-db489d3ed3c03d228ca7eae98380b4bb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-2969b2892fcc42edf2e38723d9af16d0.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

60b7417fecca912926f6bfa3a11c2e50d18e6c7490e759448cfb6feed573cf29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-2969b2892fcc42edf2e38723d9af16d0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 16:06:55 GMT
via: 1.1 varnish
age: 1368024
x-cache: HIT
content-length: 4246
x-request-id: 010d3aa7-be47-4d18-bb18-04704addf8b7
x-served-by: cache-hhn4054-HHN
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "c8e2b06db6e11dea0461de74e850b6a6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 41387

POST
H2 200 csp-report
q.stripe.com/ Frame DC2D 0
570 B 178ms
177ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame DC2D 0
570 B 179ms
178ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame DC2D 102 KB
33 KB 112ms
63ms Script
application/javascript 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-6fd7315633767d82f5b4b703ef1816ff.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f7fd72d7b53a6c582d8d7d139e813eeeacba5f8dadd49c7c677c5b8dc9d1ede

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LyItaafmMgvMeoldKIlkww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-LyItaafmMgvMeoldKIlkww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 29 Nov 2022 16:06:55 GMT

GET
H2 200 shared-f28d86407686be4d579ebbdf8fb35905.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DC2D 281 KB
63 KB 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-6fd7315633767d82f5b4b703ef1816ff.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5479443ccf1903687dd86503857e45dd69ab8a54d604125707d8217e544bcfd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-6fd7315633767d82f5b4b703ef1816ff.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 16:06:55 GMT
via: 1.1 varnish
age: 648625
x-cache: HIT
content-length: 64650
x-request-id: 8e38d1f1-a88f-46c3-9a4e-5e3080128375
x-served-by: cache-hhn4054-HHN
last-modified: Tue, 22 Nov 2022 03:54:48 GMT
server: Fastly
etag: "989ed53e94e7ad5c1f0b32b20bfa7a62"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 111561

GET
H2 200 payment-request-inner-google-pay-95d47082c4cb0cd058abd5fb4db6de84.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DC2D 9 KB
4 KB 8ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-95d47082c4cb0cd058abd5fb4db6de84.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-6fd7315633767d82f5b4b703ef1816ff.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ca2da25ca733139ab1211bc78a116fdc99158a89c2cf9faa5d10d6fb9e09f213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-6fd7315633767d82f5b4b703ef1816ff.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 16:06:55 GMT
via: 1.1 varnish
age: 1368011
x-cache: HIT
content-length: 3383
x-request-id: 36390853-4d7a-4fdd-bb84-4955fb294dc6
x-served-by: cache-hhn4054-HHN
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "1d702381bed2746ffebb1ffefc2444b4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 26340

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 148ms
64ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-225158-16&cid=215380230.1669738014&jid=282882735&_u=KGDACEABBAAAACAAI~&z=14240540

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 146ms
62ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-225158-16&cid=215380230.1669738014&jid=282882735&_u=KGDACEABBAAAACAAI~&z=14240540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 4722 0
570 B 178ms
176ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-f28d86407686be4d579ebbdf8fb35905.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4722 281 KB
63 KB 8ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5479443ccf1903687dd86503857e45dd69ab8a54d604125707d8217e544bcfd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 16:06:55 GMT
via: 1.1 varnish
age: 648625
x-cache: HIT
content-length: 64650
x-request-id: 49ffd27f-56ca-444c-bf7b-66d4b606780e
x-served-by: cache-hhn4054-HHN
last-modified: Tue, 22 Nov 2022 03:54:48 GMT
server: Fastly
etag: "989ed53e94e7ad5c1f0b32b20bfa7a62"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 111562

GET
H2 200 controller-7debbe0b3d236f89f990509f6668b469.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4722 439 KB
106 KB 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-7debbe0b3d236f89f990509f6668b469.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7691302dfd8de93895388bca30d87b824943fb3505bc150c311c32f4106d0d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 16:06:55 GMT
via: 1.1 varnish
age: 648625
x-cache: HIT
content-length: 108619
x-request-id: 92f0abc2-e0e7-4137-bc2f-b463b658b83a
x-served-by: cache-hhn4054-HHN
last-modified: Tue, 22 Nov 2022 03:54:46 GMT
server: Fastly
etag: "a448b4cb3d20acf662dd0f764deb7a09"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 104513

POST
H2 200 csp-report
q.stripe.com/ Frame 71F7 0
570 B 176ms
175ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 71F7 0
570 B 177ms
175ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-165-131-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-f28d86407686be4d579ebbdf8fb35905.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 71F7 281 KB
63 KB 10ms
9ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5479443ccf1903687dd86503857e45dd69ab8a54d604125707d8217e544bcfd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 16:06:55 GMT
via: 1.1 varnish
age: 648625
x-cache: HIT
content-length: 64650
x-request-id: 1a2d6fd5-e6e3-485c-9018-51045be4ebd9
x-served-by: cache-hhn4054-HHN
last-modified: Tue, 22 Nov 2022 03:54:48 GMT
server: Fastly
etag: "989ed53e94e7ad5c1f0b32b20bfa7a62"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 111563

GET
H2 200 ui-shared-d642756d6b2fe5ff3f3082e52195392b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 71F7 231 KB
65 KB 10ms
8ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-d642756d6b2fe5ff3f3082e52195392b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c593a5955e5bbdb5e048535982fb1a361ebc620a99554eccc5fe24ce37f2201c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 16:06:55 GMT
via: 1.1 varnish
age: 691311
x-cache: HIT
content-length: 66667
x-request-id: b516dd02-f543-4efb-988e-3fac4eb66b1f
x-served-by: cache-hhn4054-HHN
last-modified: Mon, 21 Nov 2022 16:03:18 GMT
server: Fastly
etag: "e33bc9017f27150aa5e2780e01f8d8de"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 37727

GET
H2 200 elements-inner-card-209730d6bf04a838424b6fd7ca4d6525.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 71F7 50 KB
13 KB 9ms
9ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-209730d6bf04a838424b6fd7ca4d6525.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

769733bf26bce6487a83cd8295fea49b08e29f79700b0c9d14ff38ba8a660d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 16:06:55 GMT
via: 1.1 varnish
age: 691311
x-cache: HIT
content-length: 12725
x-request-id: 0347f445-5985-45e8-8506-ce1aca73b088
x-served-by: cache-hhn4054-HHN
last-modified: Mon, 21 Nov 2022 16:03:16 GMT
server: Fastly
etag: "8fc9391a1fe5856dc738a7f4442af61d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 28678

GET
H2 200 ui-shared-7d462fcb3c0e75c087e09d3be07a53fe.css
js.stripe.com/v3/fingerprinted/css/ Frame 71F7 19 KB
3 KB 12ms
11ms Stylesheet
text/css 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-7d462fcb3c0e75c087e09d3be07a53fe.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0c5081ecc9f9ecdf2c760f97886c380097c444ecd4676884ff3c67bfbc0ec6a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 16:06:55 GMT
via: 1.1 varnish
age: 1016904
x-cache: HIT
content-length: 2806
x-request-id: 1f9a87ea-d62c-4445-95cd-5cace92881cc
x-served-by: cache-hhn4054-HHN
last-modified: Thu, 17 Nov 2022 21:36:36 GMT
server: Fastly
etag: "946f1f202e973574c4704321cd043858"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 52489

GET
H2 200 elements-inner-card-df2f45d4dc3192d6ca0e0806752c6ace.css
js.stripe.com/v3/fingerprinted/css/ Frame 71F7 5 KB
1 KB 10ms
9ms Stylesheet
text/css 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-df2f45d4dc3192d6ca0e0806752c6ace.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

40f32f785992d95f60702abf5baf09b4804fca7655de9d2ba169fec2ad84926e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 16:06:55 GMT
via: 1.1 varnish
age: 1016904
x-cache: HIT
content-length: 981
x-request-id: d5fccc84-3031-4823-b729-7464558b31cd
x-served-by: cache-hhn4054-HHN
last-modified: Thu, 17 Nov 2022 21:36:36 GMT
server: Fastly
etag: "d2626d1c6ef395c18991522165918639"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 39837

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 5007 973 B
713 B 197ms
112ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=ec72c5fbc414c42707d732f360db2203930eba71

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fgivenow.lls.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c16e1aa315c73b63d06c26a6d9bf4e73c344abf495887104e8b5eb7b9c4c9ecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-response-time: 106
date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 29 Nov 2022 16:06:55 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 584646e6d5185d4e
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 35978a4c6ab7888df2e0b67048b44aad28ad27bb914fb648fba2462eca41f560
content-length: 391

GET
H2 200 iframeResizer-6bb8ec1b02.js Show response
givenow.lls.org/sso/ssobuild/js/ 22 KB
7 KB 74ms
73ms XHR
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-67ebcbc224ee26f8----1669738015354
traceparent: 00-988009ee1e5d126f6a022f031a9289ea-67ebcbc224ee26f8-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2N2ViY2JjMjI0ZWUyNmY4IiwidHIiOiI5ODgwMDllZTFlNWQxMjZmNmEwMjJmMDMxYTkyODllYSIsInRpIjoxNjY5NzM4MDE1MzU0fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 17:55:22 GMT
cf-bgj: minify
server: cloudflare
age: 4686234
etag: W/"632ca18a-893d"
cf-polished: origSize=35133
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 771c97e3f90c91ed-FRA
expires: Fri, 06 Oct 2023 10:23:01 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 2F0E 156 B
523 B 544ms
183ms XHR
application/json 35.165.131.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.165.131.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

623a2078e64b641072dd1272e9b7ca006381209adb77c37ea3b22cef2ac3f8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 2166 474 B
585 B 21ms
7ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b2c0129ed3fb90a9bc22f2ecd3f4730c6cf4ebf9d42a979b8ac6f20ba42a35b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 275
x-request-id: 3eb65b27-1c03-4727-a8c2-4ca6c3d547b2
x-served-by: cache-hhn4068-HHN
last-modified: Tue, 22 Nov 2022 04:35:55 GMT
server: Fastly
etag: "8187e54a4c42e719206e850e7751fe34"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12

GET
H2 200 status Show response
givenow.lls.org/sso/ 89 B
1 KB 194ms
193ms XHR
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery36105986097447659195_1669738015352&_=1669738015353

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

58ea8a60057ad62508570cc7c46abdeb071bb8a6ac93ea6fbe7680d7eae1b463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-d7a04d9a5d7dd904----1669738015544
traceparent: 00-0d9cbf7717f5d5140d6181ec0743f48d-d7a04d9a5d7dd904-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJkN2EwNGQ5YTVkN2RkOTA0IiwidHIiOiIwZDljYmY3NzE3ZjVkNTE0MGQ2MTgxZWMwNzQzZjQ4ZCIsInRpIjoxNjY5NzM4MDE1NTQ0fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
p3p: CP="Classy does not have a P3P policy."
content-type: application/javascript; charset=utf-8
cache-control: no-cache, private
cf-ray: 771c97e52b7f91ed-FRA
x-xss-protection: 1; mode=block

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 4722 474 B
350 B 7ms
7ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b2c0129ed3fb90a9bc22f2ecd3f4730c6cf4ebf9d42a979b8ac6f20ba42a35b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 275
x-request-id: 712dcd7a-e3a0-45b1-b331-8f975eba621e
x-served-by: cache-hhn4068-HHN
last-modified: Tue, 22 Nov 2022 04:35:55 GMT
server: Fastly
etag: "8187e54a4c42e719206e850e7751fe34"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/970754387/ 2 KB
2 KB 146ms
55ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/970754387/?random=1669738015589&cv=11&fst=1669738015589&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&auid=1790789906.1669738016&uaw=0&rfmt=3&fmt=4

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d654b07b30fdb64001572c0fec93ec1d2ba1bfb82db61190e16e91fa1061bbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 978
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-225158-16&cid=215380230.1669738014&jid=130113519&gjid=1208921514&_gid=989872035.1669738014&_u=aGDAiEABBAAAAGAAI~&z=1546296871

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Nov 2022 16:06:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 15:24:43 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2532
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 29 Nov 2022 17:24:43 GMT

GET
H3

200

activityi;dc_pre=CIzereri0_sCFRZLkQUdnLQIeQ;src=8977078;type=allpg;cat=allpgst;ord=1068280956259;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_so... Show response
8977078.fls.doubleclick.net/ Frame C4E7
Redirect Chain

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=allpg;cat=allpgst;ord=1068280956259;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_...
https://8977078.fls.doubleclick.net/activityi;dc_pre=CIzereri0_sCFRZLkQUdnLQIeQ;src=8977078;type=allpg;cat=allpgst;ord=1068280956259;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow...

735 B
349 B

170ms
107ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8977078.fls.doubleclick.net/activityi;dc_pre=CIzereri0_sCFRZLkQUdnLQIeQ;src=8977078;type=allpg;cat=allpgst;ord=1068280956259;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC52XK&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

74f37c1d48ffa652346139b06a2c7660c96145770ffb292e0c264200353ddb74

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 324
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 16:06:55 GMT
expires: Tue, 29 Nov 2022 16:06:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 16:06:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8977078.fls.doubleclick.net/activityi;dc_pre=CIzereri0_sCFRZLkQUdnLQIeQ;src=8977078;type=allpg;cat=allpgst;ord=1068280956259;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CNDfreri0_sCFWdLkQUdBAACOw;src=8977078;type=allpg;cat=allpgun;ord=1;num=111389849262;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Fu... Show response
8977078.fls.doubleclick.net/ Frame 22E3
Redirect Chain

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=allpg;cat=allpgun;ord=1;num=111389849262;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3...
https://8977078.fls.doubleclick.net/activityi;dc_pre=CNDfreri0_sCFWdLkQUdBAACOw;src=8977078;type=allpg;cat=allpgun;ord=1;num=111389849262;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgi...

740 B
353 B

135ms
73ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8977078.fls.doubleclick.net/activityi;dc_pre=CNDfreri0_sCFWdLkQUdBAACOw;src=8977078;type=allpg;cat=allpgun;ord=1;num=111389849262;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC52XK&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

82a272ec175a3593c23f71d5695972c139553be2dc6a8881451ed35e98fb3c0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 328
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 16:06:55 GMT
expires: Tue, 29 Nov 2022 16:06:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 16:06:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8977078.fls.doubleclick.net/activityi;dc_pre=CNDfreri0_sCFWdLkQUdBAACOw;src=8977078;type=allpg;cat=allpgun;ord=1;num=111389849262;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/ 2 KB
1 KB 126ms
83ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=1669738015639&cv=11&fst=1669738015639&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&auid=1790789906.1669738016&uaw=0&rfmt=3&fmt=4

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7baaa66b10be1ee9e7d79464c8326a2e84cc2339ce88750bf36df860139a7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 975
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/779965559/ 2 KB
1 KB 151ms
51ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/779965559/?random=1669738015640&cv=11&fst=1669738015640&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&bttype=purchase&auid=1790789906.1669738016&uaw=0&rfmt=3&fmt=4

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

d2f23163b70204a2e2f4b7b83a028605fd68a828aed3224e79bc0478738c464b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1354
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 134ms
97ms Script
application/javascript 2a02:26f0:1700:786::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:786::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "8d9d0550c915347e312e24f00d311e50"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1146

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1070099938/ 2 KB
2 KB 145ms
51ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1070099938/?random=1669738015646&cv=11&fst=1669738015646&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&bttype=purchase&auid=1790789906.1669738016&uaw=0&rfmt=3&fmt=4

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

637e615cf15bd123b1a6e38a7f64b5920d544de7285671854fe848c5070750e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1353
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 43ms
8ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=76442
accept-ranges: bytes
content-length: 4581

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 27ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 29 Nov 2022 16:06:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: UPLqlIy1yvB1i1tkDd2FaAaIR26dX7MTSpEsbhK6VxLiz396PGB04eR/Tfj4PWNIfhPYQ5sL6gf49+UI7mQpZQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 67ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 29 Nov 2022 16:06:54 GMT
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8EE52259F73C4C15B9CFDDD4D3F2C9A6 Ref B: FRAEDGE1919 Ref C: 2022-11-29T16:06:55Z
etag: "077538f81f4d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11421

GET
H2 200 merkle_track.js Show response
cdn.merklesearch.com/ 2 KB
1 KB 36ms
5ms Script
application/javascript 18.66.112.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.merklesearch.com/merkle_track.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-45.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b50fe60629db539a09545bae38ce3668b8f151a25ce2914cf707654c6424c06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:25:26 GMT
content-encoding: gzip
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jun 2019 16:04:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 64907
etag: W/"ba48ece064f452562968947c4e6d063b"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 5-AWnCLW0vGydN4kTjfnTMlTVlKfG4q-hgknEiXrvfGg4n_5n3ikPg==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 107ms
29ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: gzip
etag: "nAbmxtqHqaYrwBiADJAeFg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 06 Dec 2022 16:06:55 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 66B4
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3B...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3B...

1 KB
2 KB

195ms
134ms

Document
text/html

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3DD69E3ACC-C6D4-0564-6CFA-50FDE3A78112&cb=57399951316813530&dcc=t

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

92a44a9e513709b85ee32ceecbabdb4ee54eefdbae6f49bb59021c37eb379143

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1233
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 29 Nov 2022 16:06:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 542F4MZJQ35XNTP5GZ2M

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 29 Nov 2022 16:06:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3DD69E3ACC-C6D4-0564-6CFA-50FDE3A78112&cb=57399951316813530&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 34MPFX0VYA6AS39GSNEH

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 55ms
7ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 23:31:36 GMT
Content-Encoding: gzip
Via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 59720
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: A7ErZCWtdOGaFuyb1y1v7jVEtNO-3uBsmtxZmuMnvESEmRvIlIhR0g==

GET
H/1.1 204
No Content cs.js Show response
aa.trkn.us/1/e/ 0
166 B 113ms
8ms Script
text/plain 23.44.75.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.trkn.us/1/e/cs.js?cid=c013&evid=6894817b-ce68-494a-a2cd-4e160ce0f1d8&suu=1&dmn=givenow.lls.org
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.75.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-44-75-77.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 16:06:55 GMT
Cache-Control: private, max-age=3600
Connection: keep-alive
Expires: Tue, 29 Nov 2022 17:06:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
74 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-63NN87E39V&l=dataLayer&cx=c

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eea6f6e887bc7e2f28facf1eeeb6c7d08997888c97c0839f8c78cd1eaf9b886d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75979
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Nov 2022 16:06:55 GMT

GET
H2 404 bind
media2.legacy.com/ 0
77 B 386ms
105ms Image
text/plain 54.243.123.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media2.legacy.com/bind?ckey1=LeukemiaLymphSoc;cvalue1=1;expiresDays=60;adct=image/gif;misc=123;&gtmcb=449257788
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.123.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-123-66.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:56 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=692545341&t=pageview&_s=1&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEABBAAAACAAI~&jid=130113519&gjid=1208921514&cid=215380230.1669738014&tid=UA-225158-16&_gid=989872035.1669738014&gtm=2wgb90PC52XK&z=532952234

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48264
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
pixel.mediaiqdigital.com/
Redirect Chain

https://secure.adnxs.com/px?id=823220&seg=8043408&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu1%3D[u1]%26pixel_id%3D823220%26uid%3D%24%7BUID%7D&t=2&gtmcb=899841000
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D823220%26seg%3D8043408%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253Fu1%253D%5Bu1%5D%2526pixel_id%253D823220%2526uid%253D%2524%25...
https://pixel.mediaiqdigital.com/pixel?u1=[u1]&pixel_id=823220&uid=8611575582870771978

2 B
82 B

35ms
8ms

Image
application/json

18.198.103.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mediaiqdigital.com/pixel?u1=[u1]&pixel_id=823220&uid=8611575582870771978
Protocol: H2
Server: 18.198.103.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-103-95.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
content-length: 2
content-type: application/json; charset=utf-8

Redirect headers

Pragma: no-cache
Date: Tue, 29 Nov 2022 16:06:55 GMT
AN-X-Request-Uuid: dfc7967a-79c7-42d1-80ab-54c761e31e8a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://pixel.mediaiqdigital.com/pixel?u1=[u1]&pixel_id=823220&uid=8611575582870771978
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 115ms
36ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=k4816zm&ct=0:t1qofst&fmt=3&gtmcb=1595005447
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 71F7 474 B
353 B 7ms
6ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b2c0129ed3fb90a9bc22f2ecd3f4730c6cf4ebf9d42a979b8ac6f20ba42a35b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 20
x-cache: HIT
content-length: 275
x-request-id: fd052239-88f5-4bdf-b901-4dcc09acb223
x-served-by: cache-hhn4068-HHN
last-modified: Tue, 22 Nov 2022 04:35:55 GMT
server: Fastly
etag: "8187e54a4c42e719206e850e7751fe34"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 8A8A 43 KB
23 KB 60ms
60ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeRsvwcAAAAAAAGdWMknu7f4ewlEf_5YVOyxIqF&co=aHR0cHM6Ly9naXZlbm93Lmxscy5vcmc6NDQz&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=tcnsndmtormv

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6724388e5f665c7070439ea450956d1ae93fb6d04cd65be238ceee7b7bd5612b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-orQ4JRRLTFK39Y_RNR6N6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23057
content-security-policy: script-src 'report-sample' 'nonce-orQ4JRRLTFK39Y_RNR6N6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 16:06:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 link-config Show response
merchant-ui-api.stripe.com/elements/ Frame 2166 304 B
949 B 253ms
188ms Fetch
application/json 52.49.17.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/link-config?key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&stripe_js_id=e79ce379-cf49-4b92-ad3c-64def18657c6

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.49.17.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-17-168.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3a1edacb17defddc4b9af87e8c8f3c6c9635aee2dbe553fae431ae3379ebab9a

Security Headers

Name	Value
Content-Security-Policy	report-uri /csp-report?p=%2Felements%2Flink-config;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 29 Nov 2022 16:06:56 GMT
content-security-policy: report-uri /csp-report?p=%2Felements%2Flink-config;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 304
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
vary: Origin
x-robots-tag: none
access-control-allow-headers: x-stripe-csrf-token
expires: 0

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 1760 18 KB
7 KB 106ms
68ms Document
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29e3ba622e21639692126c92caa59d78ecaf7b157a37f19db18eb55d23bb8ca6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NjElgkvnwhBWRccFlmkwmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NjElgkvnwhBWRccFlmkwmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Tue, 29 Nov 2022 16:06:55 GMT
expires: Tue, 29 Nov 2022 16:06:55 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H/1.1 200 chat-small.png
app.five9.com/five9_clients/consoles_latest/SocialWidget/images/ 589 B
1 KB 112ms
112ms Image
image/png 198.105.202.32
FIVE9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.five9.com/five9_clients/consoles_latest/SocialWidget/images/chat-small.png

Requested by

Host: app.five9.com
URL: https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1669738014985

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.105.202.32 , United States, ASN36776 (FIVE9, US),

Reverse DNS

Software

Resource Hash

2972dd804d7cf59ed7b67f73bec6d74b776774c8058d5f8e37a0e87e7ed07339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1669738014985
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 16:06:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Oct 2022 06:45:59 GMT
ETag: W/"589-1666161959000"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 589
X-XSS-Protection: 1

GET
H/1.1 200 minus-32.png
app.five9.com/five9_clients/consoles_latest/SocialWidget/images/ 167 B
844 B 224ms
111ms Image
image/png 198.105.202.32
FIVE9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.five9.com/five9_clients/consoles_latest/SocialWidget/images/minus-32.png

Requested by

Host: app.five9.com
URL: https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1669738014985

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.105.202.32 , United States, ASN36776 (FIVE9, US),

Reverse DNS

Software

Resource Hash

0fa5f0a9f2f58f897f5c4f057cafbd53f833d8f3210cfa10b9581dbd00f916fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1669738014985
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 16:06:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Oct 2022 06:45:59 GMT
ETag: W/"167-1666161959000"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 167
X-XSS-Protection: 1

GET
H/1.1 200 external-link-32.png
app.five9.com/five9_clients/consoles_latest/SocialWidget/images/ 389 B
1 KB 329ms
110ms Image
image/png 198.105.202.32
FIVE9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.five9.com/five9_clients/consoles_latest/SocialWidget/images/external-link-32.png

Requested by

Host: app.five9.com
URL: https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1669738014985

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.105.202.32 , United States, ASN36776 (FIVE9, US),

Reverse DNS

Software

Resource Hash

a046fdd4444ac02d32b8c049847221419e8e5fb391d5a1b21b959d8d32caa82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1669738014985
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 16:06:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Oct 2022 06:45:59 GMT
ETag: W/"389-1666161959000"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 389
X-XSS-Protection: 1

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 63ms
62ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-225158-16&cid=215380230.1669738014&jid=130113519&_u=aGDAiEABBAAAAGAAI~&z=495681043

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 149ms
66ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-225158-16&cid=215380230.1669738014&jid=130113519&_u=aGDAiEABBAAAAGAAI~&z=495681043

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 187ms
179ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:55 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 187ms
179ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:55 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 186ms
178ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:55 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 361ms
354ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 362ms
356ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 361ms
355ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 362ms
356ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 362ms
357ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 360ms
355ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 363ms
359ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 360ms
357ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 360ms
357ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 536ms
533ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 534ms
531ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4722 0
127 B 534ms
533ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4722 0
127 B 532ms
532ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4722 0
127 B 530ms
530ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4722 0
127 B 531ms
531ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4722 0
127 B 530ms
530ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4722 0
127 B 529ms
529ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4722 0
127 B 531ms
530ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4722 0
127 B 528ms
528ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4722 0
127 B 527ms
527ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4722 0
127 B 529ms
529ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4722 0
127 B 529ms
529ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3

200

activityi;dc_pre=CJLsturi0_sCFdZBkQUdscAOxw;src=8977078;type=app_star;cat=donatest;ord=1;num=3874030588341;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2... Show response
8977078.fls.doubleclick.net/ Frame 8624
Redirect Chain

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=app_star;cat=donatest;ord=1;num=3874030588341;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076...
https://8977078.fls.doubleclick.net/activityi;dc_pre=CJLsturi0_sCFdZBkQUdscAOxw;src=8977078;type=app_star;cat=donatest;ord=1;num=3874030588341;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F...

756 B
362 B

78ms
78ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8977078.fls.doubleclick.net/activityi;dc_pre=CJLsturi0_sCFdZBkQUdscAOxw;src=8977078;type=app_star;cat=donatest;ord=1;num=3874030588341;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC52XK&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

66549df452d37a14c8d422e78d872df9b01294763d4abd5aa4122bb5c3ca625c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 339
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 16:06:55 GMT
expires: Tue, 29 Nov 2022 16:06:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 16:06:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8977078.fls.doubleclick.net/activityi;dc_pre=CJLsturi0_sCFdZBkQUdscAOxw;src=8977078;type=app_star;cat=donatest;ord=1;num=3874030588341;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1070099938/ 2 KB
1 KB 130ms
51ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1070099938/?random=1669738015845&cv=11&fst=1669738015845&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&bttype=purchase&auid=1790789906.1669738016&uaw=0&rfmt=3&fmt=4

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

99d678d990436214ca71b9a9385bf0ca45a10954ebf01e4ad7dbb217c9efd8d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1353
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 2680
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8...

1 KB
2 KB

135ms
134ms

Document
text/html

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3D06787E10-5A17-6174-3CE8-F95746AEC685&cb=206663958798874340&dcc=t

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

2d68077587ddd927aa37ff1f618efdfcaae6e0eb7d23361abb9390137ad74f7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1233
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 29 Nov 2022 16:06:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: ZN9Z4VS17VCNAKBNRY69

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 29 Nov 2022 16:06:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3D06787E10-5A17-6174-3CE8-F95746AEC685&cb=206663958798874340&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: JNZHRV3BGSBD1HMQKX25

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=692545341&t=timing&_s=7&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20fully%20loaded&utv=fresh&utl=1669738014139&utt=4248&_u=aGDACEABBAAAAGAAI~&jid=&gjid=&cid=215380230.1669738014&tid=UA-3837893-1&_gid=989872035.1669738014&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=1980709713

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48264
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
260 B 36ms
36ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=k4816zm&ct=0:7g2encq&fmt=3&gtmcb=1386941033
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 108ms
108ms Image
image/gif 18.213.204.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=2969386687245744&v=7318175406297158&s=3439217149337594&b=web&tv=4.0&sp=us&sp=sfmc&sp=um&sp=email&sp=ua&sp=Giving%20Tuesday%207AM_20221128_Event&sp=ts&sp=1669738014064&sp=d&sp=givenow.lls.org&sp=h&sp=%2Fgive%2F342076%2F&sp=q&sp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=givenow.lls.org&pp=q&pp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&pp=h&pp=%2Fgive%2F342076%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=The%20Leukemia%20%26%20Lymphoma%20Society&pp=ts&pp=1669738014064&id0=7472872609930172&k0=environment&k0=prod&k0=organization_id&k0=33874&k0=campaign&k0=342076&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=page&k0=%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980%23!%2Fdonation%2Fcheckout&k0=title&k0=Donation%20Page&k0=userAgent&k0=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.121%20Safari%2F537.36&k0=event_id&k0=1669738016.232615291677&k0=environment&k0=prod&k0=is_public&k0=true&t0=Page%20View&ts0=1669738015849&st=1669738015849

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.213.204.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-174-170-28.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 8A8A 52 KB
24 KB 124ms
42ms Stylesheet
text/css 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeRsvwcAAAAAAAGdWMknu7f4ewlEf_5YVOyxIqF&co=aHR0cHM6Ly9naXZlbm93Lmxscy5vcmc6NDQz&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=tcnsndmtormv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Nov 2023 12:23:34 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 8A8A 402 KB
161 KB 144ms
63ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 14:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164812
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Nov 2023 14:52:51 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 4722 0
127 B 479ms
478ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4722 0
127 B 476ms
476ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aevGw.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 71F7 11 KB
11 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aevGw.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad234f0985f2142bb1fa3a281ddf2511d320f84f73422df2b2384f115b4b9131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Origin: https://js.stripe.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 22:19:32 GMT
x-content-type-options: nosniff
age: 64043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11232
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:08:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 22:19:32 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 4722 0
127 B 468ms
467ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 489186234582967 Show response
connect.facebook.net/signals/config/ 485 KB
144 KB 91ms
82ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/489186234582967?v=2.9.89&r=stable

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b71b28c52e3cf26b01c5e428d448a6a14037edfb95d925f88b6e77a8aa163085

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 29 Nov 2022 16:06:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: pckfz2u8BsLF9c6e7kxgcG2zMEQHhdjfgZSHkaKtMT1KFm+DFTmt3791fSAvp4P6O+xDEjsF1uQFx+GiHUZ+Ww==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/3510324/domain/givenow.lls.org/ Frame 0
0 46ms
7ms Preflight 2600:9000:2251:7e00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3510324/domain/givenow.lls.org/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:7e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://givenow.lls.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 52953
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Tue, 29 Nov 2022 01:24:22 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-id: _74GXtFLL_GlZ2rEmWB_OrrTZcJCyl6Jn2Es_SvFGtSOAtdQbHJQ6w==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3510324/domain/givenow.lls.org/ 36 B
373 B 11ms
10ms XHR
application/json 2600:9000:2251:7e00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3510324/domain/givenow.lls.org/token
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:7e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Nov 2022 16:05:10 GMT
content-encoding: gzip
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 105
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: kZIzF9Vwg0bDxyYRdIL2wWws1_0kwiE4ZVhc9ws0Ky6Rjfstc1qxfA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3510324&time=1669738015898&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3510324%26time%3D1669738015898%26url%3Dhttps%253A%252F%252Fgivenow.lls.org%252Fgi...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3510324&time=1669738015898&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3510324&time=1669738015898&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%...

0
263 B

151ms
114ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3510324&time=1669738015898&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980%23%21%2Fdonation%2Fcheckout&liSync=true&e_ipv6=AQL7QCY9oXNcvAAAAYTEJC4dfVkHGv1z6i9zkU_9DXWtd1BRlNay-dLCrP59kKrObDfzyZ4W
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:56 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 43103A6D57004A82858D817D3AC05E9D Ref B: FRAEDGE1520 Ref C: 2022-11-29T16:06:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXuni1WPki0wrt5y0vtuw==

Redirect headers

date: Tue, 29 Nov 2022 16:06:56 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E45E980EBBAD4B5B8150879212F149C2 Ref B: FRAEDGE1921 Ref C: 2022-11-29T16:06:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3510324&time=1669738015898&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980%23%21%2Fdonation%2Fcheckout&liSync=true&e_ipv6=AQL7QCY9oXNcvAAAAYTEJC4dfVkHGv1z6i9zkU_9DXWtd1BRlNay-dLCrP59kKrObDfzyZ4W
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXuni1UAvUrctl8rE3erw==

GET
H2 204 5527522.js Show response
bat.bing.com/p/action/ 0
117 B 110ms
109ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5527522.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 29 Nov 2022 16:06:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A961079D4E484DEB94B5200A7A998001 Ref B: FRAEDGE1919 Ref C: 2022-11-29T16:06:55Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
174 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5527522&Ver=2&mid=254e5b6f-1cb3-4373-bafb-494b714c8629&sid=d89045e06fff11edaeb03721d53bdd55&vid=d8906ff06fff11ed977dc7aac1c0cb3d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&p=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980%23!%2Fdonation%2Fcheckout&r=&lt=1803&evt=pageLoad&sv=1&rn=505879

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Nov 2022 16:06:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 22B0A405250F441D9BD817DD6587E134 Ref B: FRAEDGE1919 Ref C: 2022-11-29T16:06:55Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/970754387/ 42 B
64 B 60ms
60ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/970754387/?random=1669738015589&cv=11&fst=1669737600000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&fmt=3&is_vtc=1&random=2998981657&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/970754387/ 42 B
64 B 56ms
55ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/970754387/?random=1669738015589&cv=11&fst=1669737600000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&fmt=3&is_vtc=1&random=2998981657&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 107ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-63NN87E39V&gtm=2oeb90&_p=692545341&cid=215380230.1669738014&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669738015&sct=1&seg=0&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-63NN87E39V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1070099938/ 42 B
64 B 55ms
55ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1070099938/?random=1669738015639&cv=11&fst=1669737600000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&fmt=3&is_vtc=1&random=3336268914&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1070099938/ 42 B
64 B 57ms
56ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1070099938/?random=1669738015639&cv=11&fst=1669737600000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&fmt=3&is_vtc=1&random=3336268914&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 1760 2 KB
2 KB 18ms
18ms Other
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 29 Nov 2022 16:06:55 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/am=MwAI/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame 1760 153 KB
54 KB 168ms
158ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/am=MwAI/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriYpEAiQyECiu0WQtd_QM0NZ7dIXw/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8819c3a389a1c9ea0399b53764839d55d905ad30166aac383ffa25b95d75a194

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 10:45:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55348
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 00:27:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Nov 2023 10:45:13 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 4722 0
127 B 415ms
415ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 main.9a94ee76.js Show response
s.pinimg.com/ct/lib/ 58 KB
21 KB 107ms
107ms Script
application/javascript 2a02:26f0:1700:786::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:786::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 77358e88e4d70191891544307a0a8677145d760e51eddef0293111d5a3008683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "e43867aadc515024dd460d8611098a12"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 20728

GET
H2 200 dc_pre=CNDfreri0_sCFWdLkQUdBAACOw;src=8977078;type=allpg;cat=allpgun;ord=1;num=111389849262;gtm=2wgb90;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%...
adservice.google.com/ddm/fls/z/ Frame 22E3 42 B
107 B 173ms
85ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNDfreri0_sCFWdLkQUdBAACOw;src=8977078;type=allpg;cat=allpgun;ord=1;num=111389849262;gtm=2wgb90;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980

Requested by

Host: 8977078.fls.doubleclick.net
URL: https://8977078.fls.doubleclick.net/activityi;dc_pre=CNDfreri0_sCFWdLkQUdBAACOw;src=8977078;type=allpg;cat=allpgun;ord=1;num=111389849262;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8977078.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=692545341&t=pageview&_s=8&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&dp=%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980%23!%2Fdonation%2Fcheckout&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAGACI~&jid=&gjid=&cid=215380230.1669738014&tid=UA-3837893-1&_gid=989872035.1669738014&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=1581172866

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48264
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=692545341&t=pageview&_s=2&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&dp=%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980%23!%2Fdonation%2Fcheckout&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAGACI~&jid=&gjid=&cid=215380230.1669738014&tid=UA-225158-16&_gid=989872035.1669738014&z=1181502125

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48264
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/779965559/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/779965559/?random=1365852494&cv=11&fst=1669738015640&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9f...
https://www.google.com/pagead/1p-conversion/779965559/?random=1365852494&cv=11&fst=1669738015640&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadser...
https://www.google.de/pagead/1p-conversion/779965559/?random=1365852494&cv=11&fst=1669738015640&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadserv...

42 B
64 B

59ms
59ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/779965559/?random=1365852494&cv=11&fst=1669738015640&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=1790789906.1669738016&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1BpV25BWVFsSkRwXzVPbHotVC1BUkltQUItc1RMdTN1VVhUOGRXcjlEMk5VOFlJYlZOcmh4V2hlSUFMUkNPMTJQQllKMEc0T1c4GlpDaEVJZ1BpV25BWVFyY3J6ck9DSnBNN2xBUkl1QUl1MU5scmlITWJFOWhzaTUtNHdrNy1CQU9TR1QxeUFYYUNnZU15M0RYZzBkYVJfa2x5eWZ3V05pZVd0WXc&is_vtc=1&ocp_id=Hy6GY7KCLpfLmLAPzbW9yAU&cid=CAQSKQDq26N9xacCCsVGIDO_lRcLuH0feqkKv21Sbs5LvAajVC8WtKQ7qLV_IBM&eitems=ChAIgPiWnAYQn5SI486wrZALEh0AAfrV4fPbNVF9O5ulM3rdTjkdH-8CtzZ4e6HhoQ&random=1886257296&ipr=y&prhg=0&ezwbk=AZuM4hAM3hN-I9n31fVMCzF5HiAqaRRYrsOv-s10P4MPkZWaC7PiMJE1S9R23ozT_UHba7GiGaGjfdvdQoHXstZXrK1H

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/779965559/?random=1365852494&cv=11&fst=1669738015640&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=1790789906.1669738016&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1BpV25BWVFsSkRwXzVPbHotVC1BUkltQUItc1RMdTN1VVhUOGRXcjlEMk5VOFlJYlZOcmh4V2hlSUFMUkNPMTJQQllKMEc0T1c4GlpDaEVJZ1BpV25BWVFyY3J6ck9DSnBNN2xBUkl1QUl1MU5scmlITWJFOWhzaTUtNHdrNy1CQU9TR1QxeUFYYUNnZU15M0RYZzBkYVJfa2x5eWZ3V05pZVd0WXc&is_vtc=1&ocp_id=Hy6GY7KCLpfLmLAPzbW9yAU&cid=CAQSKQDq26N9xacCCsVGIDO_lRcLuH0feqkKv21Sbs5LvAajVC8WtKQ7qLV_IBM&eitems=ChAIgPiWnAYQn5SI486wrZALEh0AAfrV4fPbNVF9O5ulM3rdTjkdH-8CtzZ4e6HhoQ&random=1886257296&ipr=y&prhg=0&ezwbk=AZuM4hAM3hN-I9n31fVMCzF5HiAqaRRYrsOv-s10P4MPkZWaC7PiMJE1S9R23ozT_UHba7GiGaGjfdvdQoHXstZXrK1H
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p--C-1BUzjxqyCQ.js Show response
rules.quantcount.com/ 7 KB
2 KB 25ms
7ms Script
application/javascript 2600:9000:223c:ea00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p--C-1BUzjxqyCQ.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ea00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a8eae662e01a138b9efa50f109ae2a9205fc53a3262916727551470ac441e1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 15:48:20 GMT
content-encoding: gzip
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1884
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Sat, 30 Apr 2022 03:35:07 GMT
server: AmazonS3
etag: W/"e68d0e9c216771ac3c9b658393e29e79"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: MLgbyxzYrZdEr4cJtT6rA1lhNv-wW8oIJO3v8f9bHB1ceU2Zv6VtQA==

GET
H3

200

/
www.google.de/pagead/1p-conversion/1070099938/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=378775201&cv=11&fst=1669738015646&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof...
https://www.google.com/pagead/1p-conversion/1070099938/?random=378775201&cv=11&fst=1669738015646&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadser...
https://www.google.de/pagead/1p-conversion/1070099938/?random=378775201&cv=11&fst=1669738015646&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadserv...

42 B
64 B

59ms
59ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1070099938/?random=378775201&cv=11&fst=1669738015646&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=1790789906.1669738016&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1BpV25BWVFsSkRwXzVPbHotVC1BUkltQUItc1RMdTN1VVhUOGRXcjlEMk5VOFlJYlZOcmh4V2hlSUFMUkNPMTJQQllKMEc0T1c4GlpDaEVJZ1BpV25BWVFyY3J6ck9DSnBNN2xBUkl1QUl1MU5scEUzUGF6OHBHYnZ0YVNveGVPUnllMno5V2V1MXp2TFNWTjJMbkt2akU3Y2pHamloNGJxaUZ2YVE&is_vtc=1&ocp_id=Hy6GY8OFLtO2mLAPhLuu0A4&cid=CAQSKQDq26N9HedbiqMXGRnEJLnAy2-4qF9iPurLF61LQ8ggOE7iNRwFSlzDIBM&eitems=ChAIgPiWnAYQn5SI486wrZALEh0AAfrV4b7hilLKkSa7wigca9igkltysKQhLymZ7g&random=3037618859&ipr=y&prhg=0&ezwbk=AZuM4hCjnb5tYtCve1_kKBCRjPzLkS-j6PUl3Hp4ZkbY5hKMc15olBp9GgG91-xN6mBPjVUGqNfd-fYv_teDGOGDdMc2

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1070099938/?random=378775201&cv=11&fst=1669738015646&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=1790789906.1669738016&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1BpV25BWVFsSkRwXzVPbHotVC1BUkltQUItc1RMdTN1VVhUOGRXcjlEMk5VOFlJYlZOcmh4V2hlSUFMUkNPMTJQQllKMEc0T1c4GlpDaEVJZ1BpV25BWVFyY3J6ck9DSnBNN2xBUkl1QUl1MU5scEUzUGF6OHBHYnZ0YVNveGVPUnllMno5V2V1MXp2TFNWTjJMbkt2akU3Y2pHamloNGJxaUZ2YVE&is_vtc=1&ocp_id=Hy6GY8OFLtO2mLAPhLuu0A4&cid=CAQSKQDq26N9HedbiqMXGRnEJLnAy2-4qF9iPurLF61LQ8ggOE7iNRwFSlzDIBM&eitems=ChAIgPiWnAYQn5SI486wrZALEh0AAfrV4b7hilLKkSa7wigca9igkltysKQhLymZ7g&random=3037618859&ipr=y&prhg=0&ezwbk=AZuM4hCjnb5tYtCve1_kKBCRjPzLkS-j6PUl3Hp4ZkbY5hKMc15olBp9GgG91-xN6mBPjVUGqNfd-fYv_teDGOGDdMc2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CIzereri0_sCFRZLkQUdnLQIeQ;src=8977078;type=allpg;cat=allpgst;ord=1068280956259;gtm=2wgb90;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Dema...
adservice.google.com/ddm/fls/z/ Frame C4E7 42 B
494 B 152ms
84ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIzereri0_sCFRZLkQUdnLQIeQ;src=8977078;type=allpg;cat=allpgst;ord=1068280956259;gtm=2wgb90;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980

Requested by

Host: 8977078.fls.doubleclick.net
URL: https://8977078.fls.doubleclick.net/activityi;dc_pre=CIzereri0_sCFRZLkQUdnLQIeQ;src=8977078;type=allpg;cat=allpgst;ord=1068280956259;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8977078.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 47B0 0
181 B 36ms
36ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=nvtufgc&ref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980%23!%2Fdonation%2Fcheckout&upid=r20lbgl&upv=1.1.0
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Tue, 29 Nov 2022 16:06:56 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
360 B 109ms
109ms XHR
text/plain 52.55.12.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.12.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-12-93.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 29 Nov 2022 16:06:56 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://givenow.lls.org
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 3d22e109-e922-4b7d-a469-db6e32f7b2c4

GET
H2 200 dc_pre=CJLsturi0_sCFdZBkQUdscAOxw;src=8977078;type=app_star;cat=donatest;ord=1;num=3874030588341;gtm=2wgb90;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_me...
adservice.google.com/ddm/fls/z/ Frame 8624 42 B
107 B 120ms
84ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJLsturi0_sCFdZBkQUdscAOxw;src=8977078;type=app_star;cat=donatest;ord=1;num=3874030588341;gtm=2wgb90;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980

Requested by

Host: 8977078.fls.doubleclick.net
URL: https://8977078.fls.doubleclick.net/activityi;dc_pre=CJLsturi0_sCFdZBkQUdscAOxw;src=8977078;type=app_star;cat=donatest;ord=1;num=3874030588341;gtm=2wgb90;auiddc=1790789906.1669738016;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8977078.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1070099938/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=1914958074&cv=11&fst=1669738015845&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbo...
https://www.google.com/pagead/1p-conversion/1070099938/?random=1914958074&cv=11&fst=1669738015845&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadse...
https://www.google.de/pagead/1p-conversion/1070099938/?random=1914958074&cv=11&fst=1669738015845&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadser...

42 B
64 B

59ms
59ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1070099938/?random=1914958074&cv=11&fst=1669738015845&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=1790789906.1669738016&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1BpV25BWVFsSkRwXzVPbHotVC1BUkltQUItc1RMdTN1VVhUOGRXcjlEMk5VOFlJYlZOcmh4V2hlSUFMUkNPMTJQQllKMEc0T1c4GlpDaEVJZ1BpV25BWVFyY3J6ck9DSnBNN2xBUkl1QUl1MU5sb09LTDJ0d2FodjlBcjRReUZOVXV2dTVDVUJpSHhOSDZfbm5MWUFrVjZ0VXlUczZsdGRoU3RRU0E&is_vtc=1&ocp_id=Hy6GY6ihOaiImLAPo6yi2Aw&cid=CAQSKQDq26N9seluFGy9AtGVrsXq0ignSF-3nra947hal-z5nIxHrs3JnMieIBM&eitems=ChAIgPiWnAYQn5SI486wrZALEh0AAfrV4cOuv-AI1LMFQZllaxkBflte7ThY3xJt4g&random=2371436365&ipr=y&prhg=0&ezwbk=AZuM4hCp7VygfGjlYWYS8p9BtS47wG0fqe6GhXo1GDlP_3y3GYHqNPb6xX_XgOR4y8ABs7itOTc-p56axqBgxqPxT8u0

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1070099938/?random=1914958074&cv=11&fst=1669738015845&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=1790789906.1669738016&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1BpV25BWVFsSkRwXzVPbHotVC1BUkltQUItc1RMdTN1VVhUOGRXcjlEMk5VOFlJYlZOcmh4V2hlSUFMUkNPMTJQQllKMEc0T1c4GlpDaEVJZ1BpV25BWVFyY3J6ck9DSnBNN2xBUkl1QUl1MU5sb09LTDJ0d2FodjlBcjRReUZOVXV2dTVDVUJpSHhOSDZfbm5MWUFrVjZ0VXlUczZsdGRoU3RRU0E&is_vtc=1&ocp_id=Hy6GY6ihOaiImLAPo6yi2Aw&cid=CAQSKQDq26N9seluFGy9AtGVrsXq0ignSF-3nra947hal-z5nIxHrs3JnMieIBM&eitems=ChAIgPiWnAYQn5SI486wrZALEh0AAfrV4cOuv-AI1LMFQZllaxkBflte7ThY3xJt4g&random=2371436365&ipr=y&prhg=0&ezwbk=AZuM4hCp7VygfGjlYWYS8p9BtS47wG0fqe6GhXo1GDlP_3y3GYHqNPb6xX_XgOR4y8ABs7itOTc-p56axqBgxqPxT8u0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=468735672;labels=_fp.event.Default;rf=0;a=p--C-1BUzjxqyCQ;url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7...
pixel.quantserve.com/ 35 B
472 B 62ms
44ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=468735672;labels=_fp.event.Default;rf=0;a=p--C-1BUzjxqyCQ;url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980%23!%2Fdonation%2Fcheckout;uht=2;fpan=1;fpa=P0-380697590-1669738015960;pbc=;ns=0;ce=1;qjs=1;qv=48c6ea86-20221121114006;cm=;gdpr=0;ref=;d=lls.org;dst=0;et=1669738016016;tzo=0;ogl=site_name.Classy%2Ctype.website%2Curl.https%3A%2F%2Fgivenow%252Ells%252Eorg%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campai%2Cimage.https%3A%2F%2Fassets%252Eclassy%252Eorg%2F2978622%2Fc2c9cfe4-6ff6-11ed-8b59-0a0aba1c51f3%252Ejpg%2Cdescription.TODAY%20IS%20GIVINGTUESDAY%252E%20Donate%20today%20and%20your%20gift%20will%20be%20matched!%20Together%252C%20we%2Ctitle.Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society;ses=64eff934-5bda-4b1f-ad38-1fcd61670e1c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:56 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=1347321382;labels=_fp.event.Masterbrand%20Donate%20start;event=refresh;rf=0;a=p--C-1BUzjxqyCQ;url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%2...
pixel.quantserve.com/ 35 B
472 B 62ms
45ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1347321382;labels=_fp.event.Masterbrand%20Donate%20start;event=refresh;rf=0;a=p--C-1BUzjxqyCQ;url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980%23!%2Fdonation%2Fcheckout;uht=2;fpan=1;fpa=P0-380697590-1669738015960;pbc=;ns=0;ce=1;qjs=1;qv=48c6ea86-20221121114006;cm=;gdpr=0;ref=;d=lls.org;dst=0;et=1669738016017;tzo=0;ogl=site_name.Classy%2Ctype.website%2Curl.https%3A%2F%2Fgivenow%252Ells%252Eorg%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campai%2Cimage.https%3A%2F%2Fassets%252Eclassy%252Eorg%2F2978622%2Fc2c9cfe4-6ff6-11ed-8b59-0a0aba1c51f3%252Ejpg%2Cdescription.TODAY%20IS%20GIVINGTUESDAY%252E%20Donate%20today%20and%20your%20gift%20will%20be%20matched!%20Together%252C%20we%2Ctitle.Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society;ses=64eff934-5bda-4b1f-ad38-1fcd61670e1c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:56 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 41ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=489186234582967&ev=PageView&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980%23!%2Fdonation%2Fcheckout&rl=&if=false&ts=1669738016062&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669738016055.568734474&eid=ob3_plugin-set_ea7e236e885fe137e953ee4a1f8189de4f4724f3e26edede6498cd5c201a2576&it=1669738015895&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 29 Nov 2022 16:06:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 events Show response
capigw.lls.org/ 0
163 B 407ms
109ms XHR
text/plain 54.174.170.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://capigw.lls.org/events

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.174.170.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://givenow.lls.org
date: Tue, 29 Nov 2022 16:06:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 282ms
282ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 / Show response
ct.pinterest.com/user/ 538 B
862 B 74ms
36ms XHR
application/json 23.36.156.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612674861034&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1669738016078&dep=2%2CPAGE_LOAD

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.156.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-156-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

9fd0b383239142e91f5d06e332e6b49cd26d797647d5a7aa895a2f35fe8545c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.98a12417.1669738016.57ef127b
x-envoy-upstream-service-time: 1
content-length: 381
x-pinterest-rid: 1810502039243551
pin-unauth: dWlkPU1HVmxaVGxoWXpFdE16TXlPUzAwTXpnM0xUZ3dZV1l0TkRJMFlqa3pOMlF6TlRneA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://givenow.lls.org
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 538 B
861 B 72ms
36ms XHR
application/json 23.36.156.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612674861034&cb=1669738016079&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.156.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-156-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

9fd0b383239142e91f5d06e332e6b49cd26d797647d5a7aa895a2f35fe8545c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.98a12417.1669738016.57ef127c
x-envoy-upstream-service-time: 2
content-length: 381
x-pinterest-rid: 9151115462518181
pin-unauth: dWlkPU1XSm1OV0poTjJFdFlqTTBaaTAwWW1KbUxUbGxZV0V0TXpOaE9HSmtaVEZoTm1ZMA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://givenow.lls.org
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 538 B
863 B 73ms
37ms XHR
application/json 23.36.156.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=addtocart&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612674861034&cb=1669738016079&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.156.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-156-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

9fd0b383239142e91f5d06e332e6b49cd26d797647d5a7aa895a2f35fe8545c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.98a12417.1669738016.57ef127d
x-envoy-upstream-service-time: 1
content-length: 381
x-pinterest-rid: 1140900327809623
pin-unauth: dWlkPU1XVXpNMkU1TXpJdE9EVXlOQzAwT0RRMUxUaGtabU10TW1Vek5XRXlOVEJtWm1ReQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://givenow.lls.org
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 273ms
273ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 274ms
273ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 72ms
38ms Image
image/gif 23.36.156.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612674861034&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980%23!%2Fdonation%2Fcheckout%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%229a94ee76%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669738016082

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.156.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-156-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.98a12417.1669738016.57ef1297
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 8436135878230005
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 273ms
272ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
DATA 200
OK truncated
/ Frame 8A8A 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8A8A 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 8A8A 2 KB
2 KB 41ms
41ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 594428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 29 Nov 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8A8A 15 KB
15 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 360711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 11:55:05 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 8A8A 102 B
134 B 46ms
46ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=Km9gKuG06He-isPsP6saG8cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d77e58db2ca624537becef34dff8d3c24628e41592ac4106e1b5813e0a1d8a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeRsvwcAAAAAAAGdWMknu7f4ewlEf_5YVOyxIqF&co=aHR0cHM6Ly9naXZlbm93Lmxscy5vcmc6NDQz&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=tcnsndmtormv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 29 Nov 2022 16:06:56 GMT

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame AABE 565 B
590 B 30ms
30ms Document
text/html 23.36.156.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.156.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-156-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.98a12417.1669738016.57ef13ce
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 16:06:56 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 6668626891923229

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5B1... Frame 1760 68 KB
25 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5B1Hj1iAOKo.L.B1.O/am=MwAI/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriQSvbkeSGntvDaVaCnTmC9MWtreQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/am=MwAI/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriYpEAiQyECiu0WQtd_QM0NZ7dIXw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b44a0bc284e18100f9cb620a0b9e7c39fcf2dc14d191078b411bf3361be8430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 20:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25774
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 00:27:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 20:47:26 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
579 B 33ms
33ms Image
image/gif 23.36.156.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612674861034&cb=1669738016241&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22aem_eligible_list%22%3A%5B%22country%22%2C%22country%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980%23!%2Fdonation%2Fcheckout%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%229a94ee76%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.156.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-156-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.98a12417.1669738016.57ef1444
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1165071645149601
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
578 B 35ms
35ms Image
image/gif 23.36.156.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=addtocart&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612674861034&cb=1669738016243&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22aem_eligible_list%22%3A%5B%22country%22%5D%2C%22pin_unauth%22%3A%22dWlkPU1HVmxaVGxoWXpFdE16TXlPUzAwTXpnM0xUZ3dZV1l0TkRJMFlqa3pOMlF6TlRneA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980%23!%2Fdonation%2Fcheckout%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%229a94ee76%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.156.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-156-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 16:06:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.98a12417.1669738016.57ef144e
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1496074451201364
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame 26AB 7 KB
1 KB 49ms
49ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=Km9gKuG06He-isPsP6saG8cn&k=6LeRsvwcAAAAAAAGdWMknu7f4ewlEf_5YVOyxIqF

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=Giving+Tuesday+7AM_20221128_Event&utm_id=317235&sfmc_id=320353980

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

53231fa71d9b21fd7afedee6d5266454f9c0f409bef36f98d977d08f333e3e70

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QUyEaYS3b-rF8tUfP9un8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1117
content-security-policy: script-src 'report-sample' 'nonce-QUyEaYS3b-rF8tUfP9un8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 16:06:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 1760 1 MB
355 KB 64ms
64ms XHR
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b91a35cc8cc0f4cadaea2e61a46c22f4b1b9e70e02ef4101f3d7dcb21c278c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7dARdJcN8STLfKM9mk-_AQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-7dARdJcN8STLfKM9mk-_AQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 29 Nov 2022 16:06:56 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5B1... Frame 1760 23 KB
9 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5B1Hj1iAOKo.L.B1.O/am=MwAI/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriQSvbkeSGntvDaVaCnTmC9MWtreQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25a1da729a9b3093b6342a5865f31de9d401066ead78804e2a00851f173dc3e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 19:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9196
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 00:27:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 19:22:06 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5B1... Frame 1760 37 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5B1Hj1iAOKo.L.B1.O/am=MwAI/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriQSvbkeSGntvDaVaCnTmC9MWtreQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

872d5e9df705ee22acc97ca15e990b206fa61a6b97002125dbdced5c2c2d91a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 17:30:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13954
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 00:27:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 17:30:55 GMT

POST
H3 200 log Show response
play.google.com/ Frame 1760 131 B
155 B 149ms
73ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 29 Nov 2022 16:06:56 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Nov 2022 16:06:56 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 173ms
81ms Preflight
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 29 Nov 2022 16:06:56 GMT
expires: Tue, 29 Nov 2022 16:06:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 1760 131 B
155 B 151ms
75ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 29 Nov 2022 16:06:56 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Nov 2022 16:06:56 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 171ms
81ms Preflight
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 29 Nov 2022 16:06:56 GMT
expires: Tue, 29 Nov 2022 16:06:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 1760 131 B
155 B 151ms
75ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 29 Nov 2022 16:06:56 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Nov 2022 16:06:56 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 170ms
80ms Preflight
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 29 Nov 2022 16:06:56 GMT
expires: Tue, 29 Nov 2022 16:06:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 1760 131 B
155 B 150ms
74ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 29 Nov 2022 16:06:56 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Nov 2022 16:06:56 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 169ms
80ms Preflight
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 29 Nov 2022 16:06:56 GMT
expires: Tue, 29 Nov 2022 16:06:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 1760 131 B
155 B 150ms
75ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 29 Nov 2022 16:06:56 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Nov 2022 16:06:56 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 170ms
82ms Preflight
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 29 Nov 2022 16:06:56 GMT
expires: Tue, 29 Nov 2022 16:06:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 1760 131 B
155 B 152ms
75ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 29 Nov 2022 16:06:56 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Nov 2022 16:06:56 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 166ms
80ms Preflight
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 29 Nov 2022 16:06:56 GMT
expires: Tue, 29 Nov 2022 16:06:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 180ms
180ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 234ms
234ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 230ms
230ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 232ms
232ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 229ms
228ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 16:06:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 109ms
108ms Image
image/gif 18.213.204.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=2969386687245744&v=7318175406297158&s=3439217149337594&b=web&tv=4.0&sp=us&sp=sfmc&sp=um&sp=email&sp=ua&sp=Giving%20Tuesday%207AM_20221128_Event&sp=ts&sp=1669738014064&sp=d&sp=givenow.lls.org&sp=h&sp=%2Fgive%2F342076%2F&sp=q&sp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=givenow.lls.org&pp=q&pp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DGiving%2BTuesday%2B7AM_20221128_Event%26utm_id%3D317235%26sfmc_id%3D320353980&pp=h&pp=%2Fgive%2F342076%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=The%20Leukemia%20%26%20Lymphoma%20Society&pp=ts&pp=1669738014064&id0=619713718202384&k0=environment&k0=prod&k0=organization_id&k0=33874&k0=campaign&k0=342076&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&k0=event_id&k0=1669738016.191019892398&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1669738016297&st=1669738016298

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.213.204.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS