secure.pva.org Open in urlscan Pro
151.101.1.91 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.pva.org/
Submission: On November 28 via manual (November 28th 2024, 4:18:50 pm UTC) from US — Scanned from US

Summary HTTP 115 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 40 IPs in 3 countries across 27 domains to perform 115 HTTP transactions. The main IP is 151.101.1.91, located in San Francisco, United States and belongs to FASTLY, US. The main domain is secure.pva.org.
TLS certificate: Issued by R10 on October 19th 2024. Valid for: 3 months.

This is the only time secure.pva.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	151.101.1.91 151.101.1.91	54113 (FASTLY) (FASTLY)
2	104.19.147.8 104.19.147.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.129.91 151.101.129.91	54113 (FASTLY) (FASTLY)
7	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
2	3.219.134.92 3.219.134.92	14618 (AMAZON-AES) (AMAZON-AES)
2	142.251.40.163 142.251.40.163	15169 (GOOGLE) (GOOGLE)
4	142.251.40.164 142.251.40.164	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	31.13.80.12 31.13.80.12	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:8dd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.238.149.65 34.238.149.65	14618 (AMAZON-AES) (AMAZON-AES)
1	108.139.33.128 108.139.33.128	16509 (AMAZON-02) (AMAZON-02)
2	20.49.104.19 20.49.104.19	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	50.16.247.172 50.16.247.172	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
3	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:80ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:afc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9310	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	142.251.40.230 142.251.40.230	15169 (GOOGLE) (GOOGLE)
2	142.251.35.168 142.251.35.168	15169 (GOOGLE) (GOOGLE)
1	142.250.65.198 142.250.65.198	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
8	13.58.62.169 13.58.62.169	16509 (AMAZON-02) (AMAZON-02)
2	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
3	192.229.210.155 192.229.210.155	15133 (EDGECAST) (EDGECAST)
1	44.212.189.233 44.212.189.233	14618 (AMAZON-AES) (AMAZON-AES)
6	31.13.80.36 31.13.80.36	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6812:f46c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.235.122.5 35.235.122.5	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:600... 2a04:4e42:600::291	54113 (FASTLY) (FASTLY)
3	54.244.159.189 54.244.159.189	16509 (AMAZON-02) (AMAZON-02)
1	44.238.216.23 44.238.216.23	16509 (AMAZON-02) (AMAZON-02)
4 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 3	52.207.43.21 52.207.43.21	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
115	40

28 151.101.1.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

secure.pva.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.147.8 (None, )

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

pva.gospringboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.219.134.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-134-92.compute-1.amazonaws.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.163 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.164 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.13.80.12 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-yyz1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8dd1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.149.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-149-65.compute-1.amazonaws.com

dx.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.33.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-33-128.jfk50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.49.104.19 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ndn.statistinamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.16.247.172 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-247-172.compute-1.amazonaws.com

cnv.event.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.226 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:80ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9310 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.230 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f6.1e100.net

10339774.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.35.168 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.198 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.58.62.169 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-62-169.us-east-2.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.210.155 (United States)

ASN15133 (EDGECAST, US)

checkout.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.212.189.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-189-233.compute-1.amazonaws.com

44.212.189.233	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.13.80.36 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-yyz1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f46c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.235.122.5 (Los Angeles, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.122.235.35.bc.googleusercontent.com

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lvs.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.244.159.189 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-159-189.us-west-2.compute.amazonaws.com

px.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.216.23 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-216-23.us-west-2.compute.amazonaws.com

ww.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (Seattle, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.207.43.21 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-43-21.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	pva.org secure.pva.org	506 KB
14	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 td.doubleclick.net — Cisco Umbrella Rank: 182 10339774.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 145 stats.g.doubleclick.net — Cisco Umbrella Rank: 135	8 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	744 KB
8	braintreegateway.com client-analytics.braintreegateway.com — Cisco Umbrella Rank: 9097	1 KB
7	adsrvr.org 4 redirects js.adsrvr.org — Cisco Umbrella Rank: 1531 match.adsrvr.org — Cisco Umbrella Rank: 377 insight.adsrvr.org — Cisco Umbrella Rank: 960	9 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	631 B
6	paypal.com 1 redirects checkout.paypal.com — Cisco Umbrella Rank: 13419 c.paypal.com — Cisco Umbrella Rank: 8145 b.stats.paypal.com — Cisco Umbrella Rank: 6750 lvs.stats.paypal.com — Cisco Umbrella Rank: 11683 c6.paypal.com — Cisco Umbrella Rank: 9713	24 KB
6	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 142	192 B
5	steelhousemedia.com dx.steelhousemedia.com — Cisco Umbrella Rank: 17339 px.steelhousemedia.com — Cisco Umbrella Rank: 13314 ww.steelhousemedia.com — Cisco Umbrella Rank: 36804	11 KB
4	bidr.io 2 redirects cnv.event.prod.bidr.io — Cisco Umbrella Rank: 16860	2 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	82 KB
3	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 262	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 359	15 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
2	statistinamics.com ndn.statistinamics.com — Cisco Umbrella Rank: 113048	2 KB
2	gstatic.com fonts.gstatic.com	74 KB
2	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 9545	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1331	85 KB
2	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2604	3 KB
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2477	1 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3690	842 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2343	26 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2358	25 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3341	3 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2580	951 B
1	gospringboard.com pva.gospringboard.com	15 KB
115	27

	Domain	Requested by
28	secure.pva.org	secure.pva.org
9	www.googletagmanager.com	secure.pva.org www.googletagmanager.com www.google-analytics.com
8	client-analytics.braintreegateway.com	secure.pva.org
6	www.facebook.com	secure.pva.org
6	td.doubleclick.net	www.googletagmanager.com
4	cnv.event.prod.bidr.io	2 redirects secure.pva.org
4	connect.facebook.net	secure.pva.org connect.facebook.net
4	www.google.com	www.googletagmanager.com secure.pva.org
3	dpm.demdex.net	2 redirects secure.pva.org
3	insight.adsrvr.org	1 redirects js.adsrvr.org
3	match.adsrvr.org	3 redirects
3	px.steelhousemedia.com	dx.steelhousemedia.com px.steelhousemedia.com secure.pva.org
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com secure.pva.org
2	c.paypal.com	secure.pva.org c.paypal.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	analytics.google.com	www.googletagmanager.com
2	10339774.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ndn.statistinamics.com	www.googletagmanager.com ndn.statistinamics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	payments.braintree-api.com	secure.pva.org
2	fonts.googleapis.com	secure.pva.org
2	use.fontawesome.com	secure.pva.org use.fontawesome.com
2	script.crazyegg.com	secure.pva.org script.crazyegg.com
1	track.hubspot.com
1	ww.steelhousemedia.com	px.steelhousemedia.com
1	c6.paypal.com	secure.pva.org
1	lvs.stats.paypal.com	secure.pva.org
1	b.stats.paypal.com	1 redirects
1	api.hubapi.com	js.hsadspixel.net
1	checkout.paypal.com	secure.pva.org
1	ad.doubleclick.net	secure.pva.org
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.adsrvr.org	www.googletagmanager.com
1	dx.steelhousemedia.com	secure.pva.org
1	js.hs-scripts.com	www.googletagmanager.com
1	pva.gospringboard.com	secure.pva.org
115	40

This site contains links to these domains. Also see Links.

Domain
pva.org
www.jacksonriver.com

Subject Issuer	Validity	Valid
secure2.pva.org R10	`2024-10-19` - `2025-01-17`	3 months	crt.sh
script.crazyegg.com E5	`2024-11-27` - `2025-02-25`	3 months	crt.sh
use.fontawesome.com WE1	`2024-11-07` - `2025-02-06`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gospringboard.com R10	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2024-07-18` - `2025-07-17`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-06` - `2024-12-05`	3 months	crt.sh
hs-scripts.com WE1	`2024-11-24` - `2025-02-22`	3 months	crt.sh
*.steelhousemedia.com Go Daddy Secure Certificate Authority - G2	`2024-05-17` - `2025-06-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
ndn.statistinamics.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-08-17` - `2025-02-17`	6 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
hsadspixel.net WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
hs-analytics.net WE1	`2024-10-07` - `2025-01-05`	3 months	crt.sh
hs-banner.com WE1	`2024-11-22` - `2025-02-20`	3 months	crt.sh
client-analytics.braintreegateway.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-24` - `2025-01-23`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-06-13` - `2025-06-12`	a year	crt.sh
44.212.189.233 Sectigo RSA Domain Validation Secure Server CA	`2024-01-26` - `2025-02-15`	a year	crt.sh
hubapi.com WE1	`2024-11-07` - `2025-02-05`	3 months	crt.sh
hubspot.com WE1	`2024-10-03` - `2025-01-01`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://secure.pva.org/
Frame ID: 27357818DFE510643A147D0D226AC472
Requests: 97 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fsecure.pva.org
Frame ID: FB467DBF7927A42F12BA9D7B3647F205
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1068999098?random=1732810723733&cv=11&fst=1732810723733&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v882771842z879639829za200zb79639829&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.pva.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&npa=0&pscdl=noapi&auid=1151846515.1732810724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 2B6B66A55BC634961721FD50A3D53B59
Requests: 1 HTTP requests in this frame

Frame: https://10339774.fls.doubleclick.net/activityi;dc_pre=CPWfuf22_4kDFVQNiAkd-j8K8Q;src=10339774;type=homep0;cat=homep0;ord=1;num=4583897125633;npa=0;auiddc=1151846515.1732810724;ps=1;pcor=1203998010;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189939507z879639829za201zb79639829;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fsecure.pva.org%2F
Frame ID: B5616584F6FFC937F5F7307A54C70850
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10339774;type=homep0;cat=homep0;ord=1;num=4583897125633;npa=0;auiddc=1151846515.1732810724;ps=1;pcor=1203998010;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189939507z879639829za201zb79639829;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fsecure.pva.org%2F
Frame ID: 6F1921EC0C2CABE0260DC80F7A95667B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-VFDSNZZS7J&gacid=1879904047.1732810724&gtm=45je4bk0v889657172z879639829za200zb79639829&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=196059550
Frame ID: 342CE90044CF0466B2ACA5DEEF25F89B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1059121912?random=1732810724169&cv=11&fst=1732810724169&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9167466136z879639829za201zb79639829&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.pva.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&npa=0&pscdl=noapi&auid=1151846515.1732810724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 488E67587A3CB7576E5AD862FE515379
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11140936155?random=1732810724287&cv=11&fst=1732810724287&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.pva.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&npa=0&pscdl=noapi&auid=1151846515.1732810724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: E0CAC801145B8988168C9D60EDD3E447
Requests: 1 HTTP requests in this frame

Frame: https://checkout.paypal.com/web/3.90.0/html/dispatch-frame.min.html
Frame ID: E8344758B51AB744B109EB3D8D136C5C
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 36183913CAE8E51E5CE5D8C71D9A5038
Requests: 1 HTTP requests in this frame

Frame: https://lvs.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=dd9d2d58ca26de1fa33a036555705050&t=1732810724.314&a=14
Frame ID: 69D7FFD34F30495C16717894C0A20648
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-0RX53NN48D&gacid=1879904047.1732810724&gtm=45je4bk0v885826112za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=2128861924
Frame ID: 427E302AC7731E91FB95799E8E72F90A
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=x8k8gsg&ref=https%3A%2F%2Fsecure.pva.org%2F&upid=3uxbtyg&upv=1.1.0&paapi=1
Frame ID: FE1F9146AF44918DAA72FFC0F5F9F727
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=mo8kjkd&ref=https%3A%2F%2Fsecure.pva.org%2F&upid=uknyej3&upv=1.1.0&paapi=1
Frame ID: 7F496F606B9F17DA9FB8E1A68ABB68DB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donation Form - With Tribute/Honor Fields | Paralyzed Veterans of America

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

115
Requests

96 %
HTTPS

37 %
IPv6

27
Domains

40
Subdomains

40
IPs

3
Countries

1663 kB
Transfer

4481 kB
Size

40
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://pva.org/sitemap/
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://pva.org/site/privacy-and-donor-opt-out-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.jacksonriver.com/privacy
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://pva.org/about-us/financial-information-and-governance/
Title: Financial Information

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://cnv.event.prod.bidr.io/log/cnv?tag_id=944&buzz_key=dsp&value=&segment_key=dsp-13272&account_id=73&order=[ORDER]&ord=[CACHEBUSTER] HTTP 303
https://cnv.event.prod.bidr.io/log/cnv?tag_id=944&buzz_key=dsp&value=&segment_key=dsp-13272&account_id=73&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

Request Chain 51

https://cnv.event.prod.bidr.io/log/cnv?tag_id=2641&buzz_key=dsp&value=&segment_key=dsp-13272&account_id=73&order=[ORDER]&ord=[CACHEBUSTER] HTTP 303
https://cnv.event.prod.bidr.io/log/cnv?tag_id=2641&buzz_key=dsp&value=&segment_key=dsp-13272&account_id=73&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

Request Chain 60

https://10339774.fls.doubleclick.net/activityi;src=10339774;type=homep0;cat=homep0;ord=1;num=4583897125633;npa=0;auiddc=1151846515.1732810724;ps=1;pcor=1203998010;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189939507z879639829za201zb79639829;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fsecure.pva.org%2F HTTP 302
https://10339774.fls.doubleclick.net/activityi;dc_pre=CPWfuf22_4kDFVQNiAkd-j8K8Q;src=10339774;type=homep0;cat=homep0;ord=1;num=4583897125633;npa=0;auiddc=1151846515.1732810724;ps=1;pcor=1203998010;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189939507z879639829za201zb79639829;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fsecure.pva.org%2F

Request Chain 96

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=dd9d2d58ca26de1fa33a036555705050&t=1732810724.314&a=14 HTTP 302
https://lvs.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=dd9d2d58ca26de1fa33a036555705050&t=1732810724.314&a=14

Request Chain 108

https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=70ee9367-ada4-11ef-8824-b5b2d4401dd8&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=70ee9367-ada4-11ef-8824-b5b2d4401dd8&gdpr=&gdpr_consent= HTTP 302
https://px.steelhousemedia.com/tdsync?tdid=04222a0c-aad2-49c3-b584-f8f3c1af5241&shguid=70ee9367-ada4-11ef-8824-b5b2d4401dd8

Request Chain 109

https://insight.adsrvr.org/track/evnt/?adv=thbhq2b&ct=0:58t8rd0&fmt=3 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=77193ff3-352a-4a5b-9b54-f3a1eadec0d2&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=77193ff3-352a-4a5b-9b54-f3a1eadec0d2&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=04222a0c-aad2-49c3-b584-f8f3c1af5241

115 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
secure.pva.org/ 95 KB
23 KB 196ms
62ms Document
text/html 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

1644123838ea536a3945c0fffaaee2ccc7b760c568c751150860e5903eca0515

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	ALLOW-FROM https://secure.pva.org/

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1657
cache-control: public, max-age=3600
content-encoding: gzip
content-language: en
content-length: 23533
content-type: text/html; charset=utf-8
date: Thu, 28 Nov 2024 16:18:42 GMT
etag: "1732809065-1"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Thu, 28 Nov 2024 15:51:05 GMT
link: </PVA/donation-form-tvtshirt>; rel="canonical",</node/61>; rel="shortlink"
server: Apache
strict-transport-security: max-age=300; includeSubDomains; preload
vary: Cookie,Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 7, 0
x-content-type-options: nosniff nosniff
x-frame-options: ALLOW-FROM https://secure.pva.org/
x-served-by: cache-iad-kjyo7100160-IAD, cache-mia-kmia1760086-MIA
x-timer: S1732810723.728992,VS0,VE30

GET
H3 200 1800.js Show response
script.crazyegg.com/pages/scripts/0093/ 7 KB
3 KB 170ms
76ms Script
text/javascript 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0093/1800.js
Requested by: Host: secure.pva.org
URL: https://secure.pva.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c667218153719151d614873b497555ca7b17bac0946adce5ca9a3407bc3c6328

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

access-control-expose-headers: CE-Version
content-encoding: gzip
cf-cache-status: HIT
age: 68454
alt-svc: h3=":443"; ma=86400
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: text/javascript
last-modified: Wed, 27 Nov 2024 21:11:50 GMT
vary: Accept-Encoding
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8e9bacea2bd9da1f-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2482
ce-version: 11.5.323
server: cloudflare

GET
H2 200 css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
secure.pva.org/files/pva/css/ 7 KB
2 KB 107ms
101ms Stylesheet
text/css 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: gzip
etag: "8a9-62364a0134880"
age: 1926
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: text/css
vary: Accept-encoding, Accept-Encoding
x-cache-hits: 1215, 0
last-modified: Tue, 01 Oct 2024 06:42:29 GMT
x-served-by: cache-iad-kjyo7100025-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.824608,VS0,VE29
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 2217
server: Apache

GET
H2 200 css_P13TPSCRyFsaf6cEoyj1hnwQmOLSMi22rY7---reLQ0.css
secure.pva.org/files/pva/css/ 2 KB
894 B 108ms
102ms Stylesheet
text/css 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/css/css_P13TPSCRyFsaf6cEoyj1hnwQmOLSMi22rY7---reLQ0.css

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

3f5dd33d2091c85b1a7fa704a328f5867c1098e2d2322db6ad8efefbeade2d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: gzip
etag: "2c8-62364ba28cdd0"
age: 1926
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: text/css
vary: Accept-encoding, Accept-Encoding
x-cache-hits: 926, 0
last-modified: Tue, 01 Oct 2024 06:49:47 GMT
x-served-by: cache-iad-kjyo7100077-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.824343,VS0,VE32
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 712
server: Apache

GET
H2 200 css_EBVCgZaZzPeoedu99JWwyqzz2ro9peEQY6Hc3yO8s-U.css
secure.pva.org/files/pva/css/ 5 KB
2 KB 68ms
62ms Stylesheet
text/css 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/css/css_EBVCgZaZzPeoedu99JWwyqzz2ro9peEQY6Hc3yO8s-U.css

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

101542819699ccf7a879dbbdf495b0caacf3daba3da5e11063a1dcdf23bcb3e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: gzip
etag: "678-62364a01413a0"
age: 1925
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: text/css
vary: Accept-encoding, Accept-Encoding
x-cache-hits: 7805, 0
last-modified: Tue, 01 Oct 2024 06:42:29 GMT
x-served-by: cache-iad-kjyo7100154-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.824654,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 1656
server: Apache

GET
H2 200 css_QjMsgn3rVBQERi_ARcP7M6vUXfX9XNoNu17TUwwJIqw.css
secure.pva.org/files/pva/css/ 209 KB
33 KB 41ms
36ms Stylesheet
text/css 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/css/css_QjMsgn3rVBQERi_ARcP7M6vUXfX9XNoNu17TUwwJIqw.css

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

42332c827deb541404462fc045c3fb33abd45df5fd5cda0dbb5ed3530c0922ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: gzip
etag: "8303-62364ba2c92a8"
age: 3907
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: text/css
vary: Accept-encoding, Accept-Encoding
x-cache-hits: 4593, 0
last-modified: Tue, 01 Oct 2024 06:49:47 GMT
x-served-by: cache-iad-kcgs7200040-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.824269,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 33539
server: Apache

GET
H2 200 css_Ph3b7GzeJ3EMLTCHQKig11uWeoJ83O7NkDf5m5A5L6M.css
secure.pva.org/files/pva/css/ 2 KB
767 B 110ms
105ms Stylesheet
text/css 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/css/css_Ph3b7GzeJ3EMLTCHQKig11uWeoJ83O7NkDf5m5A5L6M.css

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

3e1ddbec6cde27710c2d308740a8a0d75b967a827cdceecd9037f99b90392fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: gzip
etag: "274-62364ba2d2718"
age: 197
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: text/css
vary: Accept-encoding, Accept-Encoding
x-cache-hits: 796, 0
last-modified: Tue, 01 Oct 2024 06:49:47 GMT
x-served-by: cache-iad-kiad7000089-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.824119,VS0,VE29
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 628
server: Apache

GET
H2 200 js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js Show response
secure.pva.org/files/pva/js/ 130 KB
45 KB 40ms
35ms Script
text/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/js/js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

243a883105300b38802320171655c86d0f974ebc339a319228b9d91363eb93be

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: gzip
etag: "b2fb-62364a0179de0"
age: 2636
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: text/javascript
vary: Accept-encoding, Accept-Encoding
x-cache-hits: 4613, 0
last-modified: Tue, 01 Oct 2024 06:42:29 GMT
x-served-by: cache-iad-kjyo7100036-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.824091,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 45819
server: Apache

GET
H2 200 js_mvSi1ZxqOBVerBEd1G3juXqLbL8968y3wdO5cF3LKUY.js Show response
secure.pva.org/files/pva/js/ 305 KB
80 KB 108ms
103ms Script
text/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/js/js_mvSi1ZxqOBVerBEd1G3juXqLbL8968y3wdO5cF3LKUY.js

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

9af4a2d59c6a38155eac111dd46de3b97a8b6cbf3debccb7c1d3b9705dcb2946

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: gzip
etag: "13ed3-62364ba2ed8b0"
age: 2637
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: text/javascript
vary: Accept-encoding, Accept-Encoding
x-cache-hits: 7548, 0
last-modified: Tue, 01 Oct 2024 06:49:47 GMT
x-served-by: cache-iad-kjyo7100131-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.823972,VS0,VE29
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 81619
server: Apache

GET
H2 200 js_zX12wXoioTUl_561tth_TuKLGJfYzifj6T0MWYi6Dz0.js Show response
secure.pva.org/files/pva/js/ 3 KB
1 KB 54ms
50ms Script
text/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/js/js_zX12wXoioTUl_561tth_TuKLGJfYzifj6T0MWYi6Dz0.js

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

cd7d76c17a22a13525ff9eb5b6d87f4ee28b1897d8ce27e3e93d0c5988ba0f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: gzip
etag: "3bb-62364a01849c0"
age: 1925
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: text/javascript
vary: Accept-encoding, Accept-Encoding
x-cache-hits: 7725, 0
last-modified: Tue, 01 Oct 2024 06:42:29 GMT
x-served-by: cache-iad-kjyo7100034-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.824924,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 955
server: Apache

GET
H2 200 js__3J270JBXpUvUNaAHUS1xRzU0hJBsskk1k4i8NsCWVk.js Show response
secure.pva.org/files/pva/js/ 238 KB
49 KB 81ms
77ms Script
text/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/js/js__3J270JBXpUvUNaAHUS1xRzU0hJBsskk1k4i8NsCWVk.js

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

ff7276ef42415e952f50d6801d44b5c51cd4d21241b2c924d64e22f0db025959

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: gzip
etag: "c14f-62364ba399a98"
age: 1831
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: text/javascript
vary: Accept-encoding, Accept-Encoding
x-cache-hits: 6975, 0
last-modified: Tue, 01 Oct 2024 06:49:48 GMT
x-served-by: cache-iad-kcgs7200171-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.824916,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 49487
server: Apache

GET
H2 200 js_bMNcqAqOcpVB4VGYw6F9HDONHfb363vwhq0fr67kcxM.js Show response
secure.pva.org/files/pva/js/ 28 KB
8 KB 109ms
105ms Script
text/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/js/js_bMNcqAqOcpVB4VGYw6F9HDONHfb363vwhq0fr67kcxM.js

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

6cc35ca80a8e729541e15198c3a17d1c338d1df6f7eb7bf086ad1fafaee47313

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: gzip
etag: "1d5a-62364a01abea8"
age: 1926
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: text/javascript
vary: Accept-encoding, Accept-Encoding
x-cache-hits: 7731, 8
last-modified: Tue, 01 Oct 2024 06:42:30 GMT
x-served-by: cache-iad-kjyo7100079-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.824875,VS0,VE29
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 7514
server: Apache

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ 50 KB
12 KB 165ms
53ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by: Host: secure.pva.org
URL: https://secure.pva.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.pva.org
Referer: https://secure.pva.org/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
age: 412597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=07yxSxeXVK0i3gbRSP%2FHR90WHlKOxwV8plMJV00TQRL4ZU8vIYiJtLtFOWbDxtnt%2FmFKzjNzCHWGtX%2FKzbSaswGrXjSFBzy2W%2FGSHh8BS%2B4qxmeVrPupejWAX67rTtCN8KakPJI3Lj10g1hCLiOtR1ow"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=30298&min_rtt=29652&rtt_var=5923&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4042&recv_bytes=2228&delivery_rate=130029&cwnd=253&unsent_bytes=0&cid=61de3ec5dce1af40&ts=92&x=0"
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 01:45:37 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e9bacea3f79259d-MIA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 25 KB
2 KB 236ms
86ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;1,400;1,600&family=Titillium+Web:wght@400;600&display=swap

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e422018cd78c3507e76970cf024bfdbdad700cdce97ad3d0207ea668b3808015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 16:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 28 Nov 2024 16:18:42 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 404 popper-1.14.7.min.js
secure.pva.org/js/ 0
0 126ms
123ms Script
text/html 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/js/popper-1.14.7.min.js

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.852838,VS0,VE37
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache: MISS, MISS
content-length: 196
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: text/html; charset=iso-8859-1
x-served-by: cache-iad-kcgs7200138-IAD, cache-mia-kmia1760086-MIA
server: Apache
x-cache-hits: 0, 0
vary: Accept-Encoding

GET
H2 404 bootstrap-4.3.1.min.js
secure.pva.org/js/ 0
0 126ms
124ms Script
text/html 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/js/bootstrap-4.3.1.min.js

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.853709,VS0,VE38
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache: MISS, MISS
content-length: 196
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: text/html; charset=iso-8859-1
x-served-by: cache-iad-kjyo7100024-IAD, cache-mia-kmia1760086-MIA
server: Apache
x-cache-hits: 0, 0
vary: Accept-Encoding

GET
H2 200 PVALogotransparent.png
secure.pva.org/files/pva/ 39 KB
39 KB 104ms
101ms Image
image/png 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/files/pva/PVALogotransparent.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

0045273fe3b4f81665145a395346b335e13500f74c5812c323c581a88b47e97a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

etag: "9cf4-5e16dd291ab00"
age: 1925
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: image/png
last-modified: Tue, 14 Jun 2022 19:58:04 GMT
x-cache-hits: 766, 0
x-served-by: cache-iad-kcgs7200049-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.852819,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 40180
server: Apache

GET
H2 200 secure.png
secure.pva.org/files/pva/ 17 KB
18 KB 120ms
118ms Image
image/png 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/files/pva/secure.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

150a5122614b13408ab1fb2e698bc12fa07b0ae73a7ae878c5214c85ab413ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

etag: "45ec-5d66b87752780"
age: 1926
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: image/png
last-modified: Tue, 25 Jan 2022 17:36:46 GMT
x-cache-hits: 7528, 0
x-served-by: cache-iad-kiad7000130-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.852780,VS0,VE29
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 17900
server: Apache

GET
H2 200 troy-51229-pmjpg.jpeg
secure.pva.org/files/pva/banner/ 32 KB
32 KB 101ms
89ms Image
image/jpeg 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/files/pva/banner/troy-51229-pmjpg.jpeg

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

0aed456a12bd061e676434377e12edea0d6b2eeb3f76645ce38c87a2595b8c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

etag: "7f69-5d825e4594b00"
age: 0
x-content-type-options: nosniff
x-cache: HIT, MISS
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: image/jpeg
last-modified: Wed, 16 Feb 2022 17:22:20 GMT
x-cache-hits: 8, 0
x-served-by: cache-iad-kjyo7100175-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.986117,VS0,VE40
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 32617
server: Apache

GET
H2 200 give-24-monthly.png
pva.gospringboard.com/files/pva/ 14 KB
15 KB 131ms
60ms Image
image/png 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pva.gospringboard.com/files/pva/give-24-monthly.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

9909b4d889445b2a5d83e7d1dfabe303cc01fd45ea8a4e00e47ae6d432161a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

etag: "3992-5d7c557caf040"
age: 998
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: image/png
last-modified: Fri, 11 Feb 2022 22:11:05 GMT
x-cache-hits: 2038, 0
x-served-by: cache-iad-kiad7000136-IAD, cache-mia-kmia1760074-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.081415,VS0,VE29
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://pva.gospringboard.com
content-length: 14738
server: Apache

GET
H2 200 padlock.png
secure.pva.org/sites/all/modules/springboard/fundraiser/modules/fundraiser_webform/images/ 151 B
322 B 35ms
31ms Image
image/png 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/sites/all/modules/springboard/fundraiser/modules/fundraiser_webform/images/padlock.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

ca17697042f4b65cfbd37638ef574652e0e18aefcad70ae502212d430270efd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

strict-transport-security: max-age=300; includeSubDomains; preload
etag: "97-626b9dd6d5880"
age: 3907
x-timer: S1732810723.096117,VS0,VE1
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache: HIT, HIT
content-length: 151
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: image/png
last-modified: Tue, 12 Nov 2024 16:39:46 GMT
server: Apache
x-cache-hits: 6, 0
x-served-by: cache-iad-kiad7000024-IAD, cache-mia-kmia1760086-MIA

GET
H2 200 CharityNav2024.png
secure.pva.org/files/pva/ 45 KB
45 KB 38ms
35ms Image
image/png 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/files/pva/CharityNav2024.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

536828b57676df3c3fbc5cf716ec5b8745dd234a1ab0c561ea56c489e9929f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

etag: "b3ad-616f4631de9c0"
age: 6369
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: image/png
last-modified: Thu, 25 Apr 2024 23:45:51 GMT
x-cache-hits: 430, 0
x-served-by: cache-iad-kiad7000113-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.096568,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 45997
server: Apache

GET
H2 200 GreatNonProfit2024.png
secure.pva.org/files/pva/ 59 KB
59 KB 35ms
32ms Image
image/png 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/files/pva/GreatNonProfit2024.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

1fb3ffa29e4df9c616dfdd2c1276520d936fab57715003be354a9a102e45ce03

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

etag: "eb1b-616f4631de9c0"
age: 6369
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: image/png
last-modified: Thu, 25 Apr 2024 23:45:51 GMT
x-cache-hits: 781, 0
x-served-by: cache-iad-kjyo7100105-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.096353,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 60187
server: Apache

GET
H2 200 Candid2024-v2.png
secure.pva.org/files/pva/ 18 KB
18 KB 40ms
36ms Image
image/png 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/files/pva/Candid2024-v2.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

e199e5a350de0e376a152d733453da57b812a01704c8f8ac604e128428cd72a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

etag: "4650-616f4631de9c0"
age: 6369
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: image/png
last-modified: Thu, 25 Apr 2024 23:45:51 GMT
x-cache-hits: 7337, 0
x-served-by: cache-iad-kiad7000091-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.096338,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 18000
server: Apache

GET
H2 200 PVALogowhite.png
secure.pva.org/files/pva/ 34 KB
34 KB 39ms
36ms Image
image/png 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/files/pva/PVALogowhite.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

995da7831c463b9fb934f20b6d698eba8a0ab94c64a1b7bbb2915ebe9ef20624

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

etag: "87d3-5e16dd291ab00"
age: 2636
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: image/png
last-modified: Tue, 14 Jun 2022 19:58:04 GMT
x-cache-hits: 3947, 0
x-served-by: cache-iad-kcgs7200084-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810723.096313,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 34771
server: Apache

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 361 KB
120 KB 248ms
100ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d87a359d6aa6c271d264b80853c79b1665a44ee02b41acb22ca28749cbb5cb62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 28 Nov 2024 16:18:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 28 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 122381
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 136ms
85ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Alegreya:500|Raleway:500,700|Zilla+Slab:500i,600i

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/css/css_QjMsgn3rVBQERi_ARcP7M6vUXfX9XNoNu17TUwwJIqw.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74a8f3cd52f6e6b619021cb1e993aafce21e5a5c267770c5317b0ef6d8bb6eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 16:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 28 Nov 2024 16:18:42 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 secure.pva.org.json Show response
script.crazyegg.com/pages/data-scripts/0093/1800/site/ 1 KB
728 B 81ms
48ms XHR
application/json 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0093/1800/site/secure.pva.org.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0093/1800.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e066e73bfc3a14b42003f6382dcdc86bd6f3343d5cb01c7e1e995192461c0da8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

access-control-expose-headers: CE-Version
content-encoding: gzip
cf-cache-status: HIT
age: 68455
alt-svc: h3=":443"; ma=86400
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: application/json
last-modified: Wed, 27 Nov 2024 21:11:51 GMT
vary: Accept-Encoding
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8e9baceaed8d8dee-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 477
ce-version: 11.5.323
server: cloudflare

OPTIONS
H2 200 graphql
payments.braintree-api.com/ Frame 0
0 223ms
62ms Preflight 3.219.134.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.219.134.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-219-134-92.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://secure.pva.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://secure.pva.org
access-control-max-age: 1800
date: Thu, 28 Nov 2024 16:18:43 GMT
paypal-debug-id: 63b6955d3c5d4
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 credit-card.png
secure.pva.org/sites/all/themes/springboard_themes/springboard_frontend/img/templates/ 3 KB
3 KB 35ms
33ms Image
image/png 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/sites/all/themes/springboard_themes/springboard_frontend/img/templates/credit-card.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/css/css_QjMsgn3rVBQERi_ARcP7M6vUXfX9XNoNu17TUwwJIqw.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

9c301048d2f6d7740392c8cca42bd6f53fabb21c8ff92a82e510b0dd9c3a46c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/files/pva/css/css_QjMsgn3rVBQERi_ARcP7M6vUXfX9XNoNu17TUwwJIqw.css

Response headers

strict-transport-security: max-age=300; includeSubDomains; preload
etag: "a0f-626b9dd6d5880"
age: 6369
x-timer: S1732810723.148086,VS0,VE1
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache: HIT, HIT
content-length: 2575
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: image/png
last-modified: Tue, 12 Nov 2024 16:39:46 GMT
server: Apache
x-cache-hits: 851, 0
x-served-by: cache-iad-kiad7000053-IAD, cache-mia-kmia1760086-MIA

GET
H2 200 paypal.png
secure.pva.org/sites/all/themes/springboard_themes/springboard_frontend/img/templates/ 2 KB
2 KB 38ms
37ms Image
image/png 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/sites/all/themes/springboard_themes/springboard_frontend/img/templates/paypal.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/css/css_QjMsgn3rVBQERi_ARcP7M6vUXfX9XNoNu17TUwwJIqw.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

90334a765f331b0057bda6976d556f14e1795fb8a8dafd9259c4f8cf3fd50a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/files/pva/css/css_QjMsgn3rVBQERi_ARcP7M6vUXfX9XNoNu17TUwwJIqw.css

Response headers

strict-transport-security: max-age=300; includeSubDomains; preload
etag: "927-626b9dd6d5880"
age: 6369
x-timer: S1732810723.148560,VS0,VE1
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache: HIT, HIT
content-length: 2343
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: image/png
last-modified: Tue, 12 Nov 2024 16:39:46 GMT
server: Apache
x-cache-hits: 6248, 0
x-served-by: cache-iad-kiad7000178-IAD, cache-mia-kmia1760086-MIA

GET
H2 200 bank-account.png
secure.pva.org/sites/all/themes/springboard_themes/springboard_frontend/img/templates/ 898 B
1001 B 36ms
36ms Image
image/png 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/sites/all/themes/springboard_themes/springboard_frontend/img/templates/bank-account.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/css/css_QjMsgn3rVBQERi_ARcP7M6vUXfX9XNoNu17TUwwJIqw.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

f9db89376b035b63954f5b8a4abdef693e8a5fc26540a844102cf9bbe4a09904

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/files/pva/css/css_QjMsgn3rVBQERi_ARcP7M6vUXfX9XNoNu17TUwwJIqw.css

Response headers

strict-transport-security: max-age=300; includeSubDomains; preload
etag: "382-626b9dd6d5880"
age: 2636
x-timer: S1732810723.148560,VS0,VE1
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache: HIT, HIT
content-length: 898
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: image/png
last-modified: Tue, 12 Nov 2024 16:39:46 GMT
server: Apache
x-cache-hits: 6225, 0
x-served-by: cache-iad-kjyo7100086-IAD, cache-mia-kmia1760086-MIA

GET
H2 200 apple-pay.png
secure.pva.org/sites/all/themes/springboard_themes/springboard_frontend/img/templates/ 1 KB
1 KB 37ms
36ms Image
image/png 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/sites/all/themes/springboard_themes/springboard_frontend/img/templates/apple-pay.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/css/css_QjMsgn3rVBQERi_ARcP7M6vUXfX9XNoNu17TUwwJIqw.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

e4e4793845d12dc4cdc83ef651f925bdd85ddf29ba27b41d30f5c634fd7f5bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/files/pva/css/css_QjMsgn3rVBQERi_ARcP7M6vUXfX9XNoNu17TUwwJIqw.css

Response headers

strict-transport-security: max-age=300; includeSubDomains; preload
etag: "557-626b9dd6d5880"
age: 6369
x-timer: S1732810723.148637,VS0,VE1
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache: HIT, HIT
content-length: 1367
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: image/png
last-modified: Tue, 12 Nov 2024 16:39:46 GMT
server: Apache
x-cache-hits: 3518, 0
x-served-by: cache-iad-kiad7000148-IAD, cache-mia-kmia1760086-MIA

GET
H3 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 47 KB
47 KB 145ms
66ms Font
font/woff2 142.251.40.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alegreya:500|Raleway:500,700|Zilla+Slab:500i,600i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f3.1e100.net

Software

sffe /

Resource Hash

47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.pva.org
Referer: https://fonts.googleapis.com/

Response headers

age: 548881
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 07:50:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 07:50:42 GMT
last-modified: Wed, 01 May 2024 20:31:48 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48336
x-xss-protection: 0
server: sffe

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ 72 KB
73 KB 66ms
41ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.pva.org
Referer: https://use.fontawesome.com/releases/v5.5.0/css/all.css

Response headers

cf-cache-status: HIT
etag: "fb493903265cad425ccdf8e04fc2de61"
age: 587950
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vre5vcLUT6CIMYYjXdVVFSBdyMtBriWAiSiPa3NoDv7zEKY1uvBMp0mQ7z0uETMELKBUgIzquE7DnrQVS2kepAkPD3Ix1Q7XZ2EnsBIAk85v7FpcruvkKszhExwBCwyCwUQjJX5anThW4w7cpXDrqirg"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=34084&min_rtt=29546&rtt_var=10283&sent=23&recv=14&lost=0&retrans=0&sent_bytes=16852&recv_bytes=2359&delivery_rate=512344&cwnd=255&unsent_bytes=0&cid=61de3ec5dce1af40&ts=500&x=0"
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: font/woff2
last-modified: Fri, 22 Sep 2023 01:45:38 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e9bacecdad0259d-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 73852
server: cloudflare

GET
H3 200 dFanZfeM_74wlPZtksIFaj8CDHeZWXB3.woff2
fonts.gstatic.com/s/zillaslab/v11/ 27 KB
27 KB 137ms
60ms Font
font/woff2 142.251.40.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/zillaslab/v11/dFanZfeM_74wlPZtksIFaj8CDHeZWXB3.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alegreya:500|Raleway:500,700|Zilla+Slab:500i,600i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f3.1e100.net

Software

sffe /

Resource Hash

202da7243545e62a15c917c50faa62d059cfd74b025ab27f3ade1684e6683c0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.pva.org
Referer: https://fonts.googleapis.com/

Response headers

age: 590284
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 20:20:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 20:20:39 GMT
last-modified: Wed, 27 Apr 2022 16:01:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27708
x-xss-protection: 0
server: sffe

POST
H2 200 graphql Show response
payments.braintree-api.com/ 1 KB
1 KB 525ms
519ms XHR
application/json 3.219.134.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/js/js_mvSi1ZxqOBVerBEd1G3juXqLbL8968y3wdO5cF3LKUY.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.219.134.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-219-134-92.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b78af013ab11e2dd049f6a054a7b8d421cd22d6ec4cf8a78c3377c0fb8046ef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Authorization: Bearer production_v22jp43p_93nq92bcnkf2bqgv
Referer: https://secure.pva.org/
Braintree-Version: 2018-05-10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache, no-store
paypal-debug-id: ffae1155975e4
braintree-version: 2016-10-07
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
access-control-allow-origin: https://secure.pva.org
content-length: 790
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: application/json
vary: Braintree-Version, Accept-Encoding
server: nginx
x-frame-options: DENY

POST
H2 200 new_cookie Show response
secure.pva.org/js/springboard_cookie/ 186 B
457 B 140ms
139ms XHR
application/json 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/js/springboard_cookie/new_cookie

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/js/js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

dc949864a6647da9cacca605e3c4b61903182b034d4ee995e2b2b15550fb9b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.pva.org/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=300; includeSubDomains; preload
content-encoding: gzip
x-timer: S1732810723.260899,VS0,VE108
x-content-type-options: nosniff
via: 1.1 varnish
accept-ranges: bytes
x-cache: MISS
content-length: 180
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-mia-kmia1760086-MIA
server: Apache
x-cache-hits: 0
vary: Accept-Encoding

POST
H2 200 get_token Show response
secure.pva.org/js/springboard_fraud/ 135 B
224 B 138ms
136ms XHR
application/json 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/js/springboard_fraud/get_token

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/js/js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

8996c4050cf02c4bdb0ad2c120f3c77d72a8fb033b70e5ff7a5c32cf071ca4fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.pva.org/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=300; includeSubDomains; preload
content-encoding: gzip
x-timer: S1732810723.266526,VS0,VE103
x-content-type-options: nosniff
via: 1.1 varnish
accept-ranges: bytes
x-cache: MISS
content-length: 139
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-mia-kmia1760086-MIA
server: Apache
x-cache-hits: 0
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
89 KB 104ms
92ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1068999098&l=dataLayer&cx=c&gtm=45He4bk0v79639829za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd5ff1180bde508f5fb754d01c796a6dffe1192f0fe2ecc373bf39a9f59afb25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 28 Nov 2024 16:18:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 28 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90614
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
www.google.com/ccm/ 0
0 417ms
91ms Ping
text/plain 142.251.40.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fsecure.pva.org%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1538916334.1732810724&auid=1151846515.1732810724&npa=0&gtm=45He4bk0v79639829za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732810723566&tfd=990&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.164 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s81-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 417 KB
133 KB 99ms
99ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VFDSNZZS7J&l=dataLayer&cx=c&gtm=45He4bk0v79639829za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7730b05ed2ba475dcbf7e6118d4d2b195cf13ea6e0a1966ad91a731b4f22726a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 28 Nov 2024 16:18:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 136323
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 259 KB
92 KB 170ms
169ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1059121912&l=dataLayer&cx=c&gtm=45He4bk0v79639829za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51cf588293c4536085a417dc54e8758ff104c2398553ebef3651c8ba563cf742

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 28 Nov 2024 16:18:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 28 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93820
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 181ms
60ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B235E7E9820B46EAA06AA6A6ED2F4F55 Ref B: MIAEDGE1811 Ref C: 2024-11-28T16:18:43Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 228 KB
82 KB 141ms
140ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-10339774&l=dataLayer&cx=c&gtm=45He4bk0v79639829za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1221e8a9c508e7ad674595555382544d81cc1941754f8a9bf7a5d8465f49f837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 28 Nov 2024 16:18:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 28 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 83725
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 143ms
70ms Script
application/x-javascript 31.13.80.12
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-yyz1.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-6LbbTnuJ' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-6LbbTnuJ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=23, mss=1232, tbw=4427, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: mto5Y4P/JAqyEjBn9AMqkXFD4vxlO/QzLRffPNRC/cs0CPM3MULJgmGoEbPzRo8CQK5eupLuPGrvX+tHwuNVZA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 5228934.js Show response
js.hs-scripts.com/ 1 KB
951 B 193ms
111ms Script
application/javascript 2606:4700::6810:8dd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/5228934.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8dd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c3e2888f4c583eca027b07d8765771f99c34fca56613283e5a1a748d9706ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 16:20:13 GMT
date: Thu, 28 Nov 2024 16:18:43 GMT
x-hubspot-correlation-id: 16acffab-64b8-4926-bab4-d93a118c91bf
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Thu, 28 Nov 2024 16:17:39 GMT
cache-control: public, max-age=90
access-control-allow-credentials: true
cf-ray: 8e9baceefe92da67-MIA
accept-ranges: bytes
access-control-allow-origin: https://pva.org
content-length: 587
server: cloudflare

GET
H/1.1 200
OK spx Show response
dx.steelhousemedia.com/ 23 KB
6 KB 449ms
63ms Script
application/javascript 34.238.149.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.steelhousemedia.com/spx?dxver=4.0.0&shaid=31331&tdr=&plh=https%3A%2F%2Fsecure.pva.org%2F&cb=80774913028052880
Requested by: Host: secure.pva.org
URL: https://secure.pva.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.149.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-149-65.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 66f8ad6fe4a2109e0118ba82570f350f1a77b4d284c539e86060297aeb0cd723

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

transfer-encoding: chunked
content-encoding: gzip
x-envoy-upstream-service-time: 2
expires: Thu, 01 Jan 1970 00:00:00 GMT
be: spx-prod
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: application/javascript;charset=utf-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: istio-envoy

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 15 KB
6 KB 385ms
64ms Script
application/javascript 108.139.33.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.33.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-33-128.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01a0567df178f4841a6288926e99a3b74a974d9a94f9643893fb9f9a9e44e72f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"ca10a83376fd9bc0ab90281b9867f488"
Age: 34200
Connection: keep-alive
Via: 1.1 50670fc09f8465be7ae4adcf6e33ab7a.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: VTIaNOHnx7v_slnLjH3Gj5ifVeKyyNoVq40ku2ngQhR8UOpa8ax0NQ==
Date: Thu, 28 Nov 2024 06:48:44 GMT
Content-Type: application/javascript
Last-Modified: Mon, 25 Nov 2024 06:48:02 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P2
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
89 KB 149ms
145ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11140936155

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cef4210e5cde6c7f0dc2a865107d14a042b18b42391eeca2847d3942cb43786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 28 Nov 2024 16:18:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 28 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90893
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK 3C39429F-C8AB-4FCD-BA46-CB562434EA60.js Show response
ndn.statistinamics.com/cstnxtm/ 499 B
1 KB 396ms
70ms Script
text/javascript 20.49.104.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ndn.statistinamics.com/cstnxtm/3C39429F-C8AB-4FCD-BA46-CB562434EA60.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.49.104.19 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 72b438281f99c6f09df7be716564cbf0fe049fcd23b137e60de2ca46576d4e23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=0
ETag: 2928ad58-893a-4cce-a591-ae2c35c5655b
Pragma: no-cache
Request-Context: appId=cid-v1:b939a039-0b22-486d-b74d-ac6a375a4650
Expires: Sat, 01 Jan 2000 00:00:00 GMT
x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000
X-Auth-Id: 3bd2cbfed07e-e9b1-5c99-9926-1da98c28
Date: Thu, 28 Nov 2024 16:18:43 GMT
Content-Type: text/javascript; charset=utf-8
Server: Kestrel

GET
H/1.1

200
OK

cnv
cnv.event.prod.bidr.io/log/
Redirect Chain

https://cnv.event.prod.bidr.io/log/cnv?tag_id=944&buzz_key=dsp&value=&segment_key=dsp-13272&account_id=73&order=[ORDER]&ord=[CACHEBUSTER]
https://cnv.event.prod.bidr.io/log/cnv?tag_id=944&buzz_key=dsp&value=&segment_key=dsp-13272&account_id=73&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

43 B
796 B

66ms
62ms

Image
image/gif

50.16.247.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cnv.event.prod.bidr.io/log/cnv?tag_id=944&buzz_key=dsp&value=&segment_key=dsp-13272&account_id=73&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

HTTP/1.1

Server

50.16.247.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-247-172.compute-1.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length: 43
Date: Thu, 28 Nov 2024 16:18:44 GMT
content-type: image/gif
Server: gunicorn

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
location: https://cnv.event.prod.bidr.io/log/cnv?tag_id=944&buzz_key=dsp&value=&segment_key=dsp-13272&account_id=73&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1
Content-Length: 0
Date: Thu, 28 Nov 2024 16:18:44 GMT
Server: gunicorn
Connection: keep-alive

GET
H/1.1

200
OK

cnv
cnv.event.prod.bidr.io/log/
Redirect Chain

https://cnv.event.prod.bidr.io/log/cnv?tag_id=2641&buzz_key=dsp&value=&segment_key=dsp-13272&account_id=73&order=[ORDER]&ord=[CACHEBUSTER]
https://cnv.event.prod.bidr.io/log/cnv?tag_id=2641&buzz_key=dsp&value=&segment_key=dsp-13272&account_id=73&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

43 B
796 B

65ms
63ms

Image
image/gif

50.16.247.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cnv.event.prod.bidr.io/log/cnv?tag_id=2641&buzz_key=dsp&value=&segment_key=dsp-13272&account_id=73&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

HTTP/1.1

Server

50.16.247.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-247-172.compute-1.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length: 43
Date: Thu, 28 Nov 2024 16:18:44 GMT
content-type: image/gif
Server: gunicorn

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
location: https://cnv.event.prod.bidr.io/log/cnv?tag_id=2641&buzz_key=dsp&value=&segment_key=dsp-13272&account_id=73&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1
Content-Length: 0
Date: Thu, 28 Nov 2024 16:18:44 GMT
Server: gunicorn
Connection: keep-alive

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame FB46 0
0 315ms
62ms Document
text/html 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fsecure.pva.org

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 498068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 21:57:35 GMT
expires: Sat, 22 Nov 2025 21:57:35 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 371ms
69ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: gzip
age: 6302
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 16:33:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 14:33:41 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1068999098/ 5 KB
2 KB 233ms
92ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068999098/?random=1732810723733&cv=11&fst=1732810723733&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v882771842z879639829za200zb79639829&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.pva.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&npa=0&pscdl=noapi&auid=1151846515.1732810724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1068999098&l=dataLayer&cx=c&gtm=45He4bk0v79639829za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

c73336ae45f9d2cbf9ce5aed0b62cf662ef292c1dbd2ebb5e5c29fd11d2c77fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2382
date: Thu, 28 Nov 2024 16:18:43 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 1068999098
td.doubleclick.net/td/rul/ Frame 2B6B 0
0 222ms
84ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/1068999098?random=1732810723733&cv=11&fst=1732810723733&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v882771842z879639829za200zb79639829&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.pva.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&npa=0&pscdl=noapi&auid=1151846515.1732810724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1068999098&l=dataLayer&cx=c&gtm=45He4bk0v79639829za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.pva.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 16:18:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 177ms
51ms Script
application/javascript 2606:4700::6811:80ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5228934.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5a102aed533390e53f0c3da4a28fd5a0c882afb2d67abd36ae78e418f2d9e5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

x-evy-trace-virtual-host: all
x-request-id: 23ecfb5a-2df6-4b77-ac5a-9903c8144e1d
content-encoding: gzip
cf-cache-status: HIT
etag: W/"55c50075baa1fb358695bac6a8ac3254"
x-amz-version-id: kgaFlO84ZW6ILlAzIV38LNI2_mvTYgv6
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
age: 43
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: HIT
x-amz-cf-id: 23ilgOi3hjvXCOmLxWNO0qk8j6NZ6Mm_7A4l4J1k7YjPwtkkyzWUxQ==
date: Thu, 28 Nov 2024 16:18:43 GMT
x-hubspot-correlation-id: 23ecfb5a-2df6-4b77-ac5a-9903c8144e1d
content-type: application/javascript; charset=utf-8
last-modified: Wed, 27 Nov 2024 18:45:45 UTC
vary: accept-encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-2w2nl
x-envoy-upstream-service-time: 1
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.833/bundles/pixels-release.js&cfRay=8e9455d6f884c9bc-IAD
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
cf-ray: 8e9bacf0a96fa4f1-MIA
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: adsscriptloaderstatic/static-1.833/bundles/pixels-release.js
x-amz-cf-pop: IAD12-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 5228934.js Show response
js.hs-analytics.net/analytics/1732810500000/ 68 KB
25 KB 192ms
67ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1732810500000/5228934.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5228934.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef9a4644b5864e851709baa6a9f23a208002439ae117f87b5c6808a2bacf6fa1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

x-amz-server-side-encryption: AES256
x-request-id: 2d09533f-35fd-4abc-bd94-86391ce519ef
content-encoding: gzip
cf-cache-status: HIT
etag: W/"806abbc657760edfdb524e43e694b500"
x-amz-version-id: null
expires: Thu, 28 Nov 2024 16:20:26 GMT
x-evy-trace-listener: listener_https
date: Thu, 28 Nov 2024 16:18:43 GMT
x-hubspot-correlation-id: 2d09533f-35fd-4abc-bd94-86391ce519ef
content-type: text/javascript
last-modified: Tue, 22 Oct 2024 20:44:39 GMT
vary: origin, Accept-Encoding
x-amz-id-2: XaSFhDHsjimN2EKUM9byYDp4krHORsJqCgsg49y/xtHpZDlcfN82iCxbx+p4aehNcFTNAHMj1oTbmL+p6uuFMXOKmzCQ0e81/hCZK9SciOg=
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-fhb5w
x-envoy-upstream-service-time: 48
access-control-allow-credentials: false
x-amz-request-id: XW4R5KBYV7E60MNG
cf-ray: 8e9bacf0ad3a7494-MIA
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/5228934/ 71 KB
26 KB 366ms
139ms Script
text/javascript 2606:4700:4400::ac40:9310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/5228934/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5228934.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a7714daa93075de11e668bc163964cccc1d154d5255149a7c5d6baa4cd47291

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

x-evy-trace-virtual-host: all
access-control-max-age: 604800
x-request-id: 0fe032f8-b1c0-4cc8-94d0-6087710d5141
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"24e772a957285bad5fec41ffcff8a218"
x-amz-version-id: T7HRoNzytHVIfTgNNs8E6e5wj_cgrqqU
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires: Thu, 28 Nov 2024 16:23:44 GMT
x-evy-trace-listener: listener_https
date: Thu, 28 Nov 2024 16:18:44 GMT
x-hubspot-correlation-id: 0fe032f8-b1c0-4cc8-94d0-6087710d5141
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 15 Apr 2024 14:31:55 GMT
vary: origin, Accept-Encoding
x-amz-id-2: dGI0pMrS5fQOy0tTRHlPNj0NsPhzegGBU/Q7/4UHAFUjiqKA5wPIMMHIAfUMK8iiPumZUfeL3AGlZz6BfiTLXg==
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
timing-allow-origin: *
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-snf7h
x-envoy-upstream-service-time: 33
access-control-allow-credentials: true
x-amz-request-id: NRXZ6M9ADSQV1PEN
cf-ray: 8e9bacf24b7467d4-MIA
access-control-allow-origin: https://secure.pva.org
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 13002182.js Show response
bat.bing.com/p/action/ 363 B
420 B 57ms
56ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13002182.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 142FC464283D4380A1A87212F048AED8 Ref B: MIAEDGE1811 Ref C: 2024-11-28T16:18:43Z
x-cache: CONFIG_NOCACHE
date: Thu, 28 Nov 2024 16:18:42 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2

200

activityi;dc_pre=CPWfuf22_4kDFVQNiAkd-j8K8Q;src=10339774;type=homep0;cat=homep0;ord=1;num=4583897125633;npa=0;auiddc=1151846515.1732810724;ps=1;pcor=1203998010;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap...
10339774.fls.doubleclick.net/ Frame B561
Redirect Chain

https://10339774.fls.doubleclick.net/activityi;src=10339774;type=homep0;cat=homep0;ord=1;num=4583897125633;npa=0;auiddc=1151846515.1732810724;ps=1;pcor=1203998010;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
https://10339774.fls.doubleclick.net/activityi;dc_pre=CPWfuf22_4kDFVQNiAkd-j8K8Q;src=10339774;type=homep0;cat=homep0;ord=1;num=4583897125633;npa=0;auiddc=1151846515.1732810724;ps=1;pcor=1203998010;...

0
0

144ms
138ms

Document
text/html

142.251.40.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10339774.fls.doubleclick.net/activityi;dc_pre=CPWfuf22_4kDFVQNiAkd-j8K8Q;src=10339774;type=homep0;cat=homep0;ord=1;num=4583897125633;npa=0;auiddc=1151846515.1732810724;ps=1;pcor=1203998010;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189939507z879639829za201zb79639829;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fsecure.pva.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10339774&l=dataLayer&cx=c&gtm=45He4bk0v79639829za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.230 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.pva.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 16:18:44 GMT
expires: Thu, 28 Nov 2024 16:18:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 16:18:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10339774.fls.doubleclick.net/activityi;dc_pre=CPWfuf22_4kDFVQNiAkd-j8K8Q;src=10339774;type=homep0;cat=homep0;ord=1;num=4583897125633;npa=0;auiddc=1151846515.1732810724;ps=1;pcor=1203998010;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189939507z879639829za201zb79639829;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fsecure.pva.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=10339774;type=homep0;cat=homep0;ord=1;num=4583897125633;npa=0;auiddc=1151846515.1732810724;ps=1;pcor=1203998010;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=...
td.doubleclick.net/td/fls/rul/ Frame 6F19 0
0 221ms
94ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10339774;type=homep0;cat=homep0;ord=1;num=4583897125633;npa=0;auiddc=1151846515.1732810724;ps=1;pcor=1203998010;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189939507z879639829za201zb79639829;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fsecure.pva.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10339774&l=dataLayer&cx=c&gtm=45He4bk0v79639829za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.pva.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 16:18:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 td
www.googletagmanager.com/ 0
18 B 85ms
84ms Image
text/plain 142.251.35.168
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=DC-10339774&v=3&t=t&pid=1269965087&dl=secure.pva.org%2F&tdp=DC-10339774;189939507;1;7;1&frm=0&rtg=9639829&slo=8&hlo=2&lst=1&pcid=9639829&z=0
Requested by: Host: secure.pva.org
URL: https://secure.pva.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.35.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s78-in-f8.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Thu, 28 Nov 2024 16:18:43 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 activity;register_conversion=1;src=10339774;type=homep0;cat=homep0;ord=1;num=4583897125633;npa=0;auiddc=1151846515.1732810724;ps=1;pcor=1203998010;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscd...
ad.doubleclick.net/ 0
23 B 281ms
89ms Image
image/png 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=10339774;type=homep0;cat=homep0;ord=1;num=4583897125633;npa=0;auiddc=1151846515.1732810724;ps=1;pcor=1203998010;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189939507z879639829za201zb79639829;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fsecure.pva.org%2F?

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 28 Nov 2024 16:18:44 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"6489381602062957879"}],"aggregatable_trigger_data":[{"filters":[{"14":["10219712"]}],"key_piece":"0x894d48a27042fb88","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xffb188d57ddf569b","not_filters":{"14":["10219712"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"14979775184282545118","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"6489381602062957879","filters":[{"14":["10219712"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"6489381602062957879","filters":[{"14":["10219712"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"6489381602062957879","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"6489381602062957879","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10339774"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H3 200 277423696208286 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 138ms
138ms Script
application/x-javascript 31.13.80.12
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/277423696208286?v=2.9.176&r=stable&domain=secure.pva.org&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-yyz1.fbcdn.net

Software

Resource Hash

4be2cdeae1f01d1d26d84abb918b4727807d5b074b75a882c2c1bdab4f99b2d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-3MwZVouP' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 28 Nov 2024 16:18:44 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-3MwZVouP' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=76, mss=1232, tbw=70251, tp=65, tpl=0, uplat=69, ullat=0
pragma: public
x-fb-debug: YEw+9dmYK8agl1WDC9ehuMx2306G3oJFqOIr3E6nnTifoskc7u5aui4bMQv5SJESqAX1otmP6hW7vPI+fQg0xg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
analytics.google.com/g/ 0
0 230ms
86ms Fetch
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VFDSNZZS7J&gtm=45je4bk0v889657172z879639829za200zb79639829&_p=1732810722869&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1879904047.1732810724&ecid=892663606&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1732810724&sct=1&seg=0&dl=https%3A%2F%2Fsecure.pva.org%2F&dt=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1528
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VFDSNZZS7J&l=dataLayer&cx=c&gtm=45He4bk0v79639829za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://secure.pva.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 16:18:44 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
554 B 207ms
67ms Ping
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VFDSNZZS7J&cid=1879904047.1732810724&gtm=45je4bk0v889657172z879639829za200zb79639829&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VFDSNZZS7J&l=dataLayer&cx=c&gtm=45He4bk0v79639829za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://secure.pva.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 16:18:44 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 342C 0
0 105ms
77ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-VFDSNZZS7J&gacid=1879904047.1732810724&gtm=45je4bk0v889657172z879639829za200zb79639829&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=196059550

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VFDSNZZS7J&l=dataLayer&cx=c&gtm=45He4bk0v79639829za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.pva.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 16:18:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1059121912/ 5 KB
2 KB 98ms
88ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1059121912/?random=1732810724169&cv=11&fst=1732810724169&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9167466136z879639829za201zb79639829&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.pva.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&npa=0&pscdl=noapi&auid=1151846515.1732810724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1059121912&l=dataLayer&cx=c&gtm=45He4bk0v79639829za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

7a28aac0c4a655aa4386acb5826dbcd028932158671feb17cacebaf50117cc7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2377
date: Thu, 28 Nov 2024 16:18:44 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 1059121912
td.doubleclick.net/td/rul/ Frame 488E 0
0 104ms
90ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/1059121912?random=1732810724169&cv=11&fst=1732810724169&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9167466136z879639829za201zb79639829&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.pva.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&npa=0&pscdl=noapi&auid=1151846515.1732810724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1059121912&l=dataLayer&cx=c&gtm=45He4bk0v79639829za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.pva.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 1222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 16:18:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK 93nq92bcnkf2bqgv Show response
client-analytics.braintreegateway.com/ 0
349 B 271ms
269ms XHR
text/plain 13.58.62.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/93nq92bcnkf2bqgv

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/js/js_mvSi1ZxqOBVerBEd1G3juXqLbL8968y3wdO5cF3LKUY.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.62.169 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-62-169.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://secure.pva.org/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://secure.pva.org
Content-Length: 0
Date: Thu, 28 Nov 2024 16:18:44 GMT
Server: nginx
Access-Control-Allow-Headers

POST
H/1.1 200
OK 93nq92bcnkf2bqgv Show response
client-analytics.braintreegateway.com/ 0
349 B 214ms
167ms XHR
text/plain 13.58.62.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/93nq92bcnkf2bqgv

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/js/js_mvSi1ZxqOBVerBEd1G3juXqLbL8968y3wdO5cF3LKUY.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.62.169 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-62-169.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://secure.pva.org/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://secure.pva.org
Content-Length: 0
Date: Thu, 28 Nov 2024 16:18:44 GMT
Server: nginx
Access-Control-Allow-Headers

OPTIONS
H/1.1 200
OK 93nq92bcnkf2bqgv
client-analytics.braintreegateway.com/ Frame 0
0 503ms
268ms Preflight 13.58.62.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/93nq92bcnkf2bqgv

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.62.169 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-62-169.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.pva.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://secure.pva.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 28 Nov 2024 16:18:44 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK 93nq92bcnkf2bqgv
client-analytics.braintreegateway.com/ Frame 0
0 302ms
73ms Preflight 13.58.62.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/93nq92bcnkf2bqgv

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.62.169 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-62-169.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.pva.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://secure.pva.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 28 Nov 2024 16:18:44 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 204 0
bat.bing.com/action/ 0
361 B 78ms
77ms Image
text/plain 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13002182&tm=gtm002&Ver=2&mid=92307b74-7b62-4fb5-84a8-b280662cc2c7&bo=1&sid=7053f860ada411efbdff97d955593489&vid=70543480ada411ef8a60e589e873bf21&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&p=https%3A%2F%2Fsecure.pva.org%2F&r=&lt=717&evt=pageLoad&sv=1&cdb=AQAQ&rn=399189

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 97D89F096A5E43CE86FF9C19D0A07805 Ref B: MIAEDGE1811 Ref C: 2024-11-28T16:18:44Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 28 Nov 2024 16:18:43 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11140936155/ 5 KB
2 KB 87ms
86ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11140936155/?random=1732810724287&cv=11&fst=1732810724287&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.pva.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&npa=0&pscdl=noapi&auid=1151846515.1732810724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11140936155

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

836dc595eef9d30906d592cb443cef44e91a0ca4e63b61eb094a5987130e7614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2375
date: Thu, 28 Nov 2024 16:18:44 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 11140936155
td.doubleclick.net/td/rul/ Frame E0CA 0
0 83ms
82ms Document
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11140936155?random=1732810724287&cv=11&fst=1732810724287&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.pva.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&npa=0&pscdl=noapi&auid=1151846515.1732810724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11140936155

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.pva.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 16:18:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dispatch-frame.min.html
checkout.paypal.com/web/3.90.0/html/ Frame E834 0
0 161ms
34ms Document
text/html 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paypal.com/web/3.90.0/html/dispatch-frame.min.html

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/js/js_mvSi1ZxqOBVerBEd1G3juXqLbL8968y3wdO5cF3LKUY.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mid/8782) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.pva.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: max-age=86400, s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 3670
content-type: text/html
date: Thu, 28 Nov 2024 16:18:44 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "662bdc4d-2baf+gzip+br"
expires: Fri, 29 Nov 2024 16:18:44 GMT
last-modified: Fri, 26 Apr 2024 16:54:37 GMT
paypal-debug-id: 5b7c59ae055cf
server: ECAcc (mid/8782)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000005b7c59ae055cf-e7cd0d2a76a839ca-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ 70 KB
22 KB 235ms
103ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/js/js_mvSi1ZxqOBVerBEd1G3juXqLbL8968y3wdO5cF3LKUY.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C7D) /

Resource Hash

72561daecad9d07460125458467e9c4ae115aa992bf99bf5856d7606519be13c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

access-control-max-age: 86400
paypal-debug-id: d9f0b4c277d45
content-encoding: br
etag: W/"673387c8-118bf"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 16:18:44 GMT
traceparent: 00-0000000000000000000d9f0b4c277d45-502d8f8957437299-01
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
date: Thu, 28 Nov 2024 16:18:44 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 16:52:24 GMT
vary: Accept-Encoding, Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=86400
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-origin: *
server: ECAcc (dac/9C7D)

POST
H/1.1 200
OK 93nq92bcnkf2bqgv Show response
client-analytics.braintreegateway.com/ 0
349 B 95ms
66ms XHR
text/plain 13.58.62.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/93nq92bcnkf2bqgv

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/js/js_mvSi1ZxqOBVerBEd1G3juXqLbL8968y3wdO5cF3LKUY.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.62.169 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-62-169.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://secure.pva.org/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://secure.pva.org
Content-Length: 0
Date: Thu, 28 Nov 2024 16:18:44 GMT
Server: nginx
Access-Control-Allow-Headers

GET
H/1.1 200
OK 3C39429F-C8AB-4FCD-BA46-CB562434EA60.js Show response
ndn.statistinamics.com/cstnxtm/ 114 B
788 B 90ms
80ms Script
text/javascript 20.49.104.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ndn.statistinamics.com/cstnxtm/3C39429F-C8AB-4FCD-BA46-CB562434EA60.js?_uuid=004065cd-0b33-489f-b173-aa9135234672&lsgrg=&l=https%3A%2F%2Fsecure.pva.org%2F&r=
Requested by: Host: ndn.statistinamics.com
URL: https://ndn.statistinamics.com/cstnxtm/3C39429F-C8AB-4FCD-BA46-CB562434EA60.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.49.104.19 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 661f0f86374715cacb9539e4bb666d6f0e65c918abc36ec4f9adf255b8679f21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=0
ETag: cec0bf97-f475-487d-a276-e310ffd2aac2
Pragma: no-cache
Request-Context: appId=cid-v1:b939a039-0b22-486d-b74d-ac6a375a4650
Expires: Sat, 01 Jan 2000 00:00:00 GMT
x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000
X-Auth-Id: 3bd2cbfed07e-e9b1-5c99-9926-1da98c28
Date: Thu, 28 Nov 2024 16:18:43 GMT
Content-Type: text/javascript; charset=utf-8
Server: Kestrel

GET
H3 200 /
www.google.com/pagead/1p-user-list/1068999098/ 42 B
64 B 123ms
113ms Image
image/gif 142.251.40.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1068999098/?random=1732810723733&cv=11&fst=1732809600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v882771842z879639829za200zb79639829&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.pva.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&npa=0&pscdl=noapi&auid=1151846515.1732810724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dxsBzrs38TZnuz2QaUMDmVDpsXjD4UQ&random=1698183358&rmt_tld=0&ipr=y

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.164 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 28 Nov 2024 16:18:44 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

OPTIONS
H/1.1 200
OK 93nq92bcnkf2bqgv
client-analytics.braintreegateway.com/ Frame 0
0 270ms
68ms Preflight 13.58.62.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/93nq92bcnkf2bqgv

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.62.169 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-62-169.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.pva.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://secure.pva.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 28 Nov 2024 16:18:44 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
434 B 88ms
84ms XHR
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1955771754&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.pva.org%2F&ul=en-us&de=UTF-8&dt=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=149725015&gjid=75005168&cid=1879904047.1732810724&tid=UA-2917786-1&_gid=1539298260.1732810724&_r=1&_slc=1&gtm=45He4bk0n81T75QB9Cv79639829za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1639811023

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e30966cd85463012960378b6cdd71c73a9ffa7e16d47c0f0f19d663cd63c0a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://secure.pva.org/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 16:18:44 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://secure.pva.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H/1.1 200
OK is Show response
44.212.189.233/ 32 B
437 B 245ms
64ms Fetch
text/plain 44.212.189.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://44.212.189.233/is?cb=1732810724342
Requested by: Host: dx.steelhousemedia.com
URL: https://dx.steelhousemedia.com/spx?dxver=4.0.0&shaid=31331&tdr=&plh=https%3A%2F%2Fsecure.pva.org%2F&cb=80774913028052880
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.212.189.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-212-189-233.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 09ff0198d435fbfbc2829ae315241cca177530681ffa3ce49ba3a6c4dbb646d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

x-envoy-upstream-service-time: 1
connection: close
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-application-context: application:prod:8080
content-length: 32
date: Thu, 28 Nov 2024 16:18:44 GMT
content-type: text/plain;charset=utf-8
server: istio-envoy
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header

GET
H3 200 583415195599118 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 146ms
144ms Script
application/x-javascript 31.13.80.12
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/583415195599118?v=2.9.176&r=stable&domain=secure.pva.org&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-yyz1.fbcdn.net

Software

Resource Hash

4dc53133232dc7c448cc727f18d1649c2901e23c0547498703935d3c90e11a19

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-eLNROvT6' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 28 Nov 2024 16:18:44 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-eLNROvT6' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=67, rtx=0, c=88, mss=1232, tbw=84683, tp=79, tpl=0, uplat=78, ullat=0
pragma: public
x-fb-debug: ounazPHjcx479ksgzwSiTHPv1RPcFWNGb3IVpK4um9Eyo/DjZGnyeI8/WtkBrLXyb7d4GEupdI1At1LwvhG1nA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 150ms
68ms Image
text/plain 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=277423696208286&ev=PageView&dl=https%3A%2F%2Fsecure.pva.org%2F&rl=&if=false&ts=1732810724370&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1732810724365.280979633806397455&ler=empty&cdl=API_unavailable&it=1732810723894&coo=false&rqm=GET

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=23, mss=1232, tbw=4507, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 28 Nov 2024 16:18:44 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 234ms
152ms Image
image/png 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=277423696208286&ev=PageView&dl=https%3A%2F%2Fsecure.pva.org%2F&rl=&if=false&ts=1732810724370&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1732810724365.280979633806397455&ler=empty&cdl=API_unavailable&it=1732810723894&coo=false&rqm=FGET

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442365390054929414"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 28 Nov 2024 16:18:44 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: ML9K8sNWsYcruuBpbPR87ljM3HwNQKtagaDdMXz8b4d/SLIVM+V4K56a3tzyNDCtsNuCE+2w8fLb0x5NN+a/5w==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442365390054929414", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=23, mss=1232, tbw=4827, tp=12, tpl=0, uplat=84, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.google.com/pagead/1p-user-list/1059121912/ 42 B
64 B 114ms
113ms Image
image/gif 142.251.40.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1059121912/?random=1732810724169&cv=11&fst=1732809600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9167466136z879639829za201zb79639829&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.pva.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&npa=0&pscdl=noapi&auid=1151846515.1732810724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dziI6htpke2eO9Hl2ZfyHwQWqXpiLFTtreJ3P5Mb-LBacxDV7&random=1661518130&rmt_tld=0&ipr=y

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.164 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 28 Nov 2024 16:18:44 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 183 B
842 B 181ms
96ms XHR
application/json 2606:4700::6812:f46c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=5228934

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f46c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

521d139111678ca592e1257647209d4cbf181623ac786da00da7fb4b9159a15a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

access-control-max-age: 180
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0h8o7OQ4PKxpg9CnbWInK4UpGZx%2FpUH52z868JfcLlr%2Fh%2BcPGNO7ZeBuMgrQSJWshOd%2FAU8NtCR0faN2Jeg%2BhNj4JNCx8HEVLaD5qcAdK5WRI%2FVm1DAUtWIOLd73OkxM8frW%2FsXewPXpFZyJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
date: Thu, 28 Nov 2024 16:18:44 GMT
x-hubspot-correlation-id: b56c138f-f349-494b-bb6e-1abcf6e423ed
content-type: application/json;charset=utf-8
vary: origin, Accept-Encoding
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 8e9bacf4183a6de3-MIA
access-control-allow-origin: https://secure.pva.org
server: cloudflare

GET
H3 200 /
www.google.com/pagead/1p-user-list/11140936155/ 42 B
64 B 122ms
115ms Image
image/gif 142.251.40.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11140936155/?random=1732810724287&cv=11&fst=1732809600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.pva.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&npa=0&pscdl=noapi&auid=1151846515.1732810724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dwycBfdtCwtMgZdyCOcjYGh9_XyrqYX-QAlkU2EWjKamBTXeq&random=2471281456&rmt_tld=0&ipr=y

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.164 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 28 Nov 2024 16:18:44 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 439 KB
139 KB 91ms
90ms Script
application/javascript 142.251.35.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0RX53NN48D&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.168 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

964a06105763847fb29c64db92df4909f3406d0a14fcfa26e39f488f9f542e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 28 Nov 2024 16:18:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 16:18:44 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 142226
x-xss-protection: 0
server: Google Tag Manager

POST
H/1.1 200
OK 93nq92bcnkf2bqgv Show response
client-analytics.braintreegateway.com/ 0
349 B 89ms
69ms XHR
text/plain 13.58.62.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/93nq92bcnkf2bqgv

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/js/js_mvSi1ZxqOBVerBEd1G3juXqLbL8968y3wdO5cF3LKUY.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.62.169 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-62-169.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://secure.pva.org/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://secure.pva.org
Content-Length: 0
Date: Thu, 28 Nov 2024 16:18:44 GMT
Server: nginx
Access-Control-Allow-Headers

OPTIONS
H/1.1 200
OK 93nq92bcnkf2bqgv
client-analytics.braintreegateway.com/ Frame 0
0 112ms
67ms Preflight 13.58.62.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/93nq92bcnkf2bqgv

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.62.169 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-62-169.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.pva.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://secure.pva.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 28 Nov 2024 16:18:44 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H3 200 2753482588259980 Show response
connect.facebook.net/signals/config/ 34 KB
5 KB 261ms
261ms Script
application/x-javascript 31.13.80.12
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2753482588259980?v=2.9.176&r=stable&domain=secure.pva.org&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-yyz1.fbcdn.net

Software

Resource Hash

0fedb4e6f00b9609208055681d54acfd0f063fcab1b3e5d4f0692c3e12ad3242

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-QnawGvbq' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 28 Nov 2024 16:18:44 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-QnawGvbq' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=91, mss=1232, tbw=88603, tp=84, tpl=0, uplat=194, ullat=0
pragma: public
x-fb-debug: gjAc1S8A7vNXZhnVAMbYHhX2WwG750JXkxTDN7Jh98iqDada/ELO+qGgVJqfimjToytyv3FhwYEBG0FvWBOnng==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 i
c.paypal.com/v1/r/d/ Frame 3618 0
0 139ms
132ms Document
text/html 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcd/7D21) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.pva.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-wow64, sec-ch-ua-bitness, sec-ch-ua-model, sec-ch-ua-full
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 141
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: cfe7d7d165820
date: Thu, 28 Nov 2024 16:18:43 GMT
origin-trial: A0A/uBW0ogQIica1KkPCeSOoHfvTATXdyRg8F/Ka8gjK4pCprEDwF3d3wTxNzSPn1ASb5ncpd46h7RQiSqGYpA8AAACMeyJvcmlnaW4iOiJodHRwczovL2MucGF5cGFsLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY5NTUxMzU5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
paypal-debug-id: cfe7d7d165820
server: ECAcc (dcd/7D21)
server-timing: traceparent;desc="00-0000000000000000000cfe7d7d165820-a755d31cbb96675d-01" content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000cfe7d7d165820-47c692c6221072ae-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
lvs.stats.paypal.com/ Frame 69D7
Redirect Chain

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=dd9d2d58ca26de1fa33a036555705050&t=1732810724.314&a=14
https://lvs.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=dd9d2d58ca26de1fa33a036555705050&t=1732810724.314&a=14

42 B
299 B

289ms
95ms

Image
image/jpeg

35.235.122.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lvs.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=dd9d2d58ca26de1fa33a036555705050&t=1732810724.314&a=14
Requested by: Host: secure.pva.org
URL: https://secure.pva.org/
Protocol: HTTP/1.1
Server: 35.235.122.5 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.122.235.35.bc.googleusercontent.com
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

Content-Length: 42
Date: Thu, 28 Nov 2024 16:18:45 GMT
Content-Type: image/jpeg
Connection: close
Server: PayPal-B.Stats/1.0

Redirect headers

Location: https://lvs.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=dd9d2d58ca26de1fa33a036555705050&t=1732810724.314&a=14
Content-Length: 0
Date: Thu, 28 Nov 2024 16:18:44 GMT
Content-Type: application/octet-stream
Connection: close
Server: PayPal-B.Stats/1.0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ 0
504 B 213ms
118ms Image
text/plain 2a04:4e42:600::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=dd9d2d58ca26de1fa33a036555705050&s=BRAINTREE_SIGNIN

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

paypal-debug-id: 612a8d10f2f34
access-control-expose-headers: Server-Timing
correlation-id: 612a8d10f2f34
traceparent: 00-0000000000000000000612a8d10f2f34-51a4178009ccc621-01
server-timing: "traceparent;desc="00-0000000000000000000612a8d10f2f34-253a1b230248b405-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-cache: MISS, MISS
date: Thu, 28 Nov 2024 16:18:44 GMT
x-served-by: cache-dfw-kdal2120108-DFW, cache-mia-kmia1760097-MIA
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
x-timer: S1732810725.693436,VS0,VE87
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 82ms
79ms Fetch
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-0RX53NN48D&gtm=45je4bk0v885826112za200&_p=1732810722869&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=en-us&sr=1600x1200&cid=1879904047.1732810724&ecid=845574182&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fsecure.pva.org%2F&dt=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&sid=1732810724&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2202
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0RX53NN48D&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://secure.pva.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 16:18:44 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
58 B 66ms
64ms Ping
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0RX53NN48D&cid=1879904047.1732810724&gtm=45je4bk0v885826112za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0RX53NN48D&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://secure.pva.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 16:18:44 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 rul
td.doubleclick.net/td/ga/ Frame 427E 0
0 82ms
79ms Document
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-0RX53NN48D&gacid=1879904047.1732810724&gtm=45je4bk0v885826112za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=2128861924

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0RX53NN48D&cx=c&_slc=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.pva.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 16:18:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 71ms
70ms Image
text/plain 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=583415195599118&ev=PageView&dl=https%3A%2F%2Fsecure.pva.org%2F&rl=&if=false&ts=1732810724854&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732810724365.280979633806397455&ler=empty&cdl=API_unavailable&it=1732810723894&coo=false&rqm=GET

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=26, mss=1232, tbw=8283, tp=20, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 28 Nov 2024 16:18:44 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 363ms
362ms Image
image/png 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=583415195599118&ev=PageView&dl=https%3A%2F%2Fsecure.pva.org%2F&rl=&if=false&ts=1732810724854&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732810724365.280979633806397455&ler=empty&cdl=API_unavailable&it=1732810723894&coo=false&rqm=FGET

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442365390635915715"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 28 Nov 2024 16:18:45 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: bI+gVDO+qmTxjaIpP0nLeBnWIVo1Waqn7ZP+KpNO0AxejPzXKy6xxSD7j49tg6xM34b6Va/lTtClYVBgqauTAQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442365390635915715", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=27, mss=1232, tbw=9611, tp=27, tpl=0, uplat=294, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 71ms
70ms Image
text/plain 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2753482588259980&ev=PageView&dl=https%3A%2F%2Fsecure.pva.org%2F&rl=&if=false&ts=1732810724857&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732810724365.280979633806397455&ler=empty&cdl=API_unavailable&cs_est=true&it=1732810723894&coo=false&rqm=GET

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=26, mss=1232, tbw=8443, tp=22, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 28 Nov 2024 16:18:44 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 245ms
244ms Image
image/png 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2753482588259980&ev=PageView&dl=https%3A%2F%2Fsecure.pva.org%2F&rl=&if=false&ts=1732810724857&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732810724365.280979633806397455&ler=empty&cdl=API_unavailable&cs_est=true&it=1732810723894&coo=false&rqm=FGET

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442365390571568400"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 28 Nov 2024 16:18:45 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: vaHgaErvANA90sBRjOrn/Vz8Vvpgn2T0cFlWDtqDSmQm8yXjCFPjgIaQGJ52KazkfpL7ddZRRWM951CYOzgRoQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442365390571568400", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=26, mss=1232, tbw=8651, tp=25, tpl=0, uplat=176, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK st Show response
px.steelhousemedia.com/ 2 KB
1 KB 462ms
115ms Script
application/javascript 54.244.159.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.steelhousemedia.com/st?ga_tracking_id=G-0RX53NN48D%3BG-VFDSNZZS7J%3BUA-2917786-1&ga_client_id=1879904047.1732810724&shpt=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-0RX53NN48D%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-VFDSNZZS7J%22%2C%22sess_id%22%3A%221732810724%22%7D%2C%7B%22id%22%3A%22UA-2917786-1%22%2C%22sess_id%22%3Anull%7D%5D%2C%22ga_tracking_id%22%3A%22G-0RX53NN48D%3BG-VFDSNZZS7J%3BUA-2917786-1%22%2C%22ga_client_id%22%3A%221879904047.1732810724%22%2C%22shpt%22%3A%22Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America%22%2C%22dcm_cid%22%3A%221732810724.1%22%2C%22dcm_gid%22%3A%221539298260.1732810724%22%2C%22mntnis%22%3A%22GwihdmIWZ03ATbKinLLkUixm1oxUnrtO%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A2%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1732810724.1&dcm_gid=1539298260.1732810724&available_ga=%5B%7B%22id%22%3A%22G-0RX53NN48D%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-VFDSNZZS7J%22%2C%22sess_id%22%3A%221732810724%22%7D%2C%7B%22id%22%3A%22UA-2917786-1%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=31331&plh=https%3A%2F%2Fsecure.pva.org%2F&cb=80774913028052880&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
Requested by: Host: dx.steelhousemedia.com
URL: https://dx.steelhousemedia.com/spx?dxver=4.0.0&shaid=31331&tdr=&plh=https%3A%2F%2Fsecure.pva.org%2F&cb=80774913028052880
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.244.159.189 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-244-159-189.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 0151eb55297e3ff0f84a8951ee6b8b7d1adbea33531bc0cc0e69d1b7f3efcabc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

transfer-encoding: chunked
content-encoding: gzip
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
date: Thu, 28 Nov 2024 16:18:45 GMT
content-type: application/javascript;charset=utf-8
server: istio-envoy

GET
H/1.1 200
OK gs Show response
ww.steelhousemedia.com/ 144 B
733 B 711ms
117ms Script
application/javascript 44.238.216.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.steelhousemedia.com/gs
Requested by: Host: px.steelhousemedia.com
URL: https://px.steelhousemedia.com/st?ga_tracking_id=G-0RX53NN48D%3BG-VFDSNZZS7J%3BUA-2917786-1&ga_client_id=1879904047.1732810724&shpt=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-0RX53NN48D%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-VFDSNZZS7J%22%2C%22sess_id%22%3A%221732810724%22%7D%2C%7B%22id%22%3A%22UA-2917786-1%22%2C%22sess_id%22%3Anull%7D%5D%2C%22ga_tracking_id%22%3A%22G-0RX53NN48D%3BG-VFDSNZZS7J%3BUA-2917786-1%22%2C%22ga_client_id%22%3A%221879904047.1732810724%22%2C%22shpt%22%3A%22Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America%22%2C%22dcm_cid%22%3A%221732810724.1%22%2C%22dcm_gid%22%3A%221539298260.1732810724%22%2C%22mntnis%22%3A%22GwihdmIWZ03ATbKinLLkUixm1oxUnrtO%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A2%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1732810724.1&dcm_gid=1539298260.1732810724&available_ga=%5B%7B%22id%22%3A%22G-0RX53NN48D%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-VFDSNZZS7J%22%2C%22sess_id%22%3A%221732810724%22%7D%2C%7B%22id%22%3A%22UA-2917786-1%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=31331&plh=https%3A%2F%2Fsecure.pva.org%2F&cb=80774913028052880&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.238.216.23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-216-23.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: d8a8fb066e96723161e96e1eef424ef7dd67afd9325384a9e929941139961b31

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-application-context: application:prod:8080
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
date: Thu, 28 Nov 2024 16:18:45 GMT
content-length: 144
content-type: application/javascript;charset=utf-8
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header

GET
H/1.1 200
OK st Show response
px.steelhousemedia.com/ 6 KB
2 KB 362ms
138ms Script
application/javascript 54.244.159.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.steelhousemedia.com/st?ga_tracking_id=G-0RX53NN48D%3BG-VFDSNZZS7J%3BUA-2917786-1&ga_client_id=1879904047.1732810724&shpt=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-0RX53NN48D%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-VFDSNZZS7J%22%2C%22sess_id%22%3A%221732810724%22%7D%2C%7B%22id%22%3A%22UA-2917786-1%22%2C%22sess_id%22%3Anull%7D%5D%2C%22ga_tracking_id%22%3A%22G-0RX53NN48D%3BG-VFDSNZZS7J%3BUA-2917786-1%22%2C%22ga_client_id%22%3A%221879904047.1732810724%22%2C%22shpt%22%3A%22Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America%22%2C%22dcm_cid%22%3A%221732810724.1%22%2C%22dcm_gid%22%3A%221539298260.1732810724%22%2C%22mntnis%22%3A%22GwihdmIWZ03ATbKinLLkUixm1oxUnrtO%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A2%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1732810724.1&dcm_gid=1539298260.1732810724&available_ga=%5B%7B%22id%22%3A%22G-0RX53NN48D%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-VFDSNZZS7J%22%2C%22sess_id%22%3A%221732810724%22%7D%2C%7B%22id%22%3A%22UA-2917786-1%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=31331&plh=https%3A%2F%2Fsecure.pva.org%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1732810725270781&shguid=f4066cff-e7e4-36ff-aeec-e0e63a7852fc&shgts=1732810725985
Requested by: Host: px.steelhousemedia.com
URL: https://px.steelhousemedia.com/st?ga_tracking_id=G-0RX53NN48D%3BG-VFDSNZZS7J%3BUA-2917786-1&ga_client_id=1879904047.1732810724&shpt=Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-0RX53NN48D%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-VFDSNZZS7J%22%2C%22sess_id%22%3A%221732810724%22%7D%2C%7B%22id%22%3A%22UA-2917786-1%22%2C%22sess_id%22%3Anull%7D%5D%2C%22ga_tracking_id%22%3A%22G-0RX53NN48D%3BG-VFDSNZZS7J%3BUA-2917786-1%22%2C%22ga_client_id%22%3A%221879904047.1732810724%22%2C%22shpt%22%3A%22Donation%20Form%20-%20With%20Tribute%2FHonor%20Fields%20%7C%20Paralyzed%20Veterans%20of%20America%22%2C%22dcm_cid%22%3A%221732810724.1%22%2C%22dcm_gid%22%3A%221539298260.1732810724%22%2C%22mntnis%22%3A%22GwihdmIWZ03ATbKinLLkUixm1oxUnrtO%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A2%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1732810724.1&dcm_gid=1539298260.1732810724&available_ga=%5B%7B%22id%22%3A%22G-0RX53NN48D%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-VFDSNZZS7J%22%2C%22sess_id%22%3A%221732810724%22%7D%2C%7B%22id%22%3A%22UA-2917786-1%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=31331&plh=https%3A%2F%2Fsecure.pva.org%2F&cb=80774913028052880&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.244.159.189 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-244-159-189.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: f4393c9ed78d260b6896b8aeb780f2af68c393ae3b89481d32f96ea39f69ab76

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

transfer-encoding: chunked
content-encoding: gzip
x-envoy-upstream-service-time: 22
connection: close
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
date: Thu, 28 Nov 2024 16:18:46 GMT
content-type: application/javascript;charset=utf-8
server: istio-envoy

GET
H/1.1

200
OK

tdsync
px.steelhousemedia.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=70ee9367-ada4-11ef-8824-b5b2d4401dd8&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=70ee9367-ada4-11ef-8824-b5b2d4401dd8&gdpr=&gdpr_consent=
https://px.steelhousemedia.com/tdsync?tdid=04222a0c-aad2-49c3-b584-f8f3c1af5241&shguid=70ee9367-ada4-11ef-8824-b5b2d4401dd8

0
319 B

354ms
131ms

Image
text/plain

54.244.159.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.steelhousemedia.com/tdsync?tdid=04222a0c-aad2-49c3-b584-f8f3c1af5241&shguid=70ee9367-ada4-11ef-8824-b5b2d4401dd8
Requested by: Host: secure.pva.org
URL: https://secure.pva.org/
Protocol: HTTP/1.1
Server: 54.244.159.189 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-244-159-189.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

x-envoy-upstream-service-time: 15
connection: close
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-length: 0
date: Thu, 28 Nov 2024 16:18:47 GMT
server: istio-envoy
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header

Redirect headers

location: https://px.steelhousemedia.com/tdsync?tdid=04222a0c-aad2-49c3-b584-f8f3c1af5241&shguid=70ee9367-ada4-11ef-8824-b5b2d4401dd8
content-length: 277
date: Thu, 28 Nov 2024 16:18:46 GMT
server: Kestrel

GET
H2

200

ibs:dpid=903&dpuuid=04222a0c-aad2-49c3-b584-f8f3c1af5241
dpm.demdex.net/
Redirect Chain

https://insight.adsrvr.org/track/evnt/?adv=thbhq2b&ct=0:58t8rd0&fmt=3
https://dpm.demdex.net/ibs:dpid=903&dpuuid=77193ff3-352a-4a5b-9b54-f3a1eadec0d2&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=77193ff3-352a-4a5b-9b54-f3a1eadec0d2&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
https://dpm.demdex.net/ibs:dpid=903&dpuuid=04222a0c-aad2-49c3-b584-f8f3c1af5241

42 B
715 B

62ms
62ms

Image
image/gif

52.207.43.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=04222a0c-aad2-49c3-b584-f8f3c1af5241

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/

Protocol

Server

52.207.43.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-43-21.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-va6-2-v068-031609d24.edge-va6.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: Jjr1ktbcSYY=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Thu, 28 Nov 2024 16:18:47 GMT
content-type: image/gif

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=04222a0c-aad2-49c3-b584-f8f3c1af5241
content-length: 189
date: Thu, 28 Nov 2024 16:18:47 GMT
server: Kestrel

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 172ms
100ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1372317473&v=1.1&a=5228934&rcu=https%3A%2F%2Fsecure.pva.org%2FPVA%2Fdonation-form-tvtshirt&pu=https%3A%2F%2Fsecure.pva.org%2F&t=Donation+Form+-+With+Tribute%2FHonor+Fields+%7C+Paralyzed+Veterans+of+America&cts=1732810727199&vi=01d89142eff60997430886066e300a7d&nc=true&u=175373885.01d89142eff60997430886066e300a7d.1732810727185.1732810727185.1732810727185.1&b=175373885.1.1732810727186&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

x-robots-tag: none
x-request-id: 846a6291-fd21-43b2-8381-8c856c3a9b16
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5HzF%2BX72EYVyIU5psgXshNdXoMNH7wPKjR%2BW6jBnq7TWc6W2mHxMXlDGo8XVILwR4cKVe9Cij7FIKIgxQ6Ut%2FgqsOi3%2BxQj2DVbD8TpQeeyi1jHI0GMophpVHcqDz7NRcipaifxipJBlL8ZEFOAI"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Thu, 28 Nov 2024 16:18:47 GMT
x-hubspot-correlation-id: 846a6291-fd21-43b2-8381-8c856c3a9b16
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-c658cb6d4-4vblr
x-envoy-upstream-service-time: 9
access-control-allow-credentials: false
cf-ray: 8e9bad058af0a543-MIA
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 up
insight.adsrvr.org/track/ Frame FE1F 0
0 172ms
59ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=x8k8gsg&ref=https%3A%2F%2Fsecure.pva.org%2F&upid=3uxbtyg&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://secure.pva.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 28 Nov 2024 16:18:47 GMT
server: Kestrel
vary: Accept-Encoding

GET
H2 200 up
insight.adsrvr.org/track/ Frame 7F49 0
0 154ms
58ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=mo8kjkd&ref=https%3A%2F%2Fsecure.pva.org%2F&upid=uknyej3&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://secure.pva.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 28 Nov 2024 16:18:47 GMT
server: Kestrel
vary: Accept-Encoding

GET
H2 200 big-thumbnail_PVA%20icon_2380_200x200.png
secure.pva.org/files/pva/ 7 KB
8 KB 34ms
33ms Other
image/png 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/big-thumbnail_PVA%20icon_2380_200x200.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

72519eb1bb5db7ea8a7cd8f81ba5acb92df6a034e6c2222684d9e1fc02fa5841

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.pva.org/

Response headers

etag: "1def-5f564d9132ac0"
age: 4955
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 16:18:47 GMT
content-type: image/png
last-modified: Thu, 23 Feb 2023 21:39:31 GMT
x-cache-hits: 2828, 0
x-served-by: cache-iad-kjyo7100040-IAD, cache-mia-kmia1760086-MIA
strict-transport-security: max-age=300; includeSubDomains; preload
x-timer: S1732810727.232170,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.pva.org
content-length: 7663
server: Apache

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure.pva.org/	1969-12-31 23:59:59	Name: market_source__initial_referrer Value: (none)
secure.pva.org/	1969-12-31 23:59:59	Name: cookies_enabled Value: 1
secure.pva.org/	1970-01-21 10:56:10	Name: Springboard Value: 4anab6ZIGPzQlC9oBZ5ERPMT%2BQWMUXZZ1YhEO0Gvg%2BgOR%2FeI%2FYZlFqjx8l3iFym1
.pva.org/	1970-01-21 03:29:46	Name: _gcl_au Value: 1.1.1151846515.1732810724
.pva.org/	1970-01-21 10:56:10	Name: _ga_VFDSNZZS7J Value: GS1.1.1732810724.1.0.1732810724.60.0.892663606
.bidr.io/	1970-01-21 10:48:40	Name: bitoIsSecure Value: ok
.bidr.io/	1970-01-21 10:48:40	Name: bito Value: AADO6k7OkTAAABRsHD4Vvw
.pva.org/	1970-01-21 01:21:37	Name: _uetsid Value: 7053f860ada411efbdff97d955593489
.pva.org/	1970-01-21 10:41:46	Name: _uetvid Value: 70543480ada411ef8a60e589e873bf21
.doubleclick.net/	1970-01-21 02:03:22	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 10:56:10	Name: IDE Value: AHWqTUnK1wB0BO5Sp4MSEICcxILDHAQMaaKfV6pgLen2hXon1mAK9pxEg-86cMqw
.pva.org/	1970-01-21 10:56:10	Name: _ga Value: GA1.2.1879904047.1732810724
.pva.org/	1970-01-21 01:21:37	Name: _gid Value: GA1.2.1539298260.1732810724
.pva.org/	1970-01-21 01:20:10	Name: _gat_UA-2917786-1 Value: 1
.bing.com/	1970-01-21 10:41:46	Name: MUID Value: 07D04D9ED6BD6DB50F5358DBD72D6C5B
.bat.bing.com/	1970-01-21 01:30:15	Name: MR Value: 0
.pva.org/	1970-01-21 03:29:46	Name: _fbp Value: fb.1.1732810724365.280979633806397455
.doubleclick.net/	1970-01-21 05:39:22	Name: receive-cookie-deprecation Value: 1
.pva.org/	1970-01-21 10:56:10	Name: _ga_0RX53NN48D Value: GS1.2.1732810724.1.0.1732810724.60.0.845574182
.paypal.com/	1970-01-21 10:56:10	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: bi1anV3ge8y2zkUyVtOxatxUIjYJtcQrBZHqFf3XH1eI7iAc_yo2XkchpHvi2zX8P6mnTsdUVN9xvN6n
.paypal.com/	1970-01-21 01:20:12	Name: l7_az Value: dcg01.phx
.paypal.com/	1970-01-21 10:56:10	Name: sc_f Value: 3qBziBER8Q9VGbfUAA_RBhiLan0YYFReO0LLt4hcGUqIefX1hPc_RZWWyV9LanWn3wB4FMmM7JwieR55tUQyTajTnQDZQJve1hBhC0
.steelhousemedia.com/	1970-01-21 10:05:46	Name: guid Value: 70ee9367-ada4-11ef-8824-b5b2d4401dd8
.px.steelhousemedia.com/	1970-01-21 10:05:46	Name: tt Value: "H4sIAAAAAAAAAKtWMjY0NjaMN7IwtlCyMjQ3NrIwNDA3MgOK6Sj5BcVDZc0tjZWsDHSUypSsjJDFwboMagGB0cM3RgAAAA=="
.steelhousemedia.com/	1970-01-21 10:05:46	Name: rt Value: "MzEzMzE6MTczMjgxMDcyNg=="
.adsrvr.org/	1970-01-21 10:05:46	Name: TDID Value: 04222a0c-aad2-49c3-b584-f8f3c1af5241
.demdex.net/	1970-01-21 05:39:22	Name: demdex Value: 11838698980282382611997193089215011622
.dpm.demdex.net/	1970-01-21 05:39:22	Name: dpm Value: 11838698980282382611997193089215011622
.pva.org/	1970-01-21 05:39:22	Name: __hstc Value: 175373885.01d89142eff60997430886066e300a7d.1732810727185.1732810727185.1732810727185.1
.pva.org/	1970-01-21 05:39:22	Name: hubspotutk Value: 01d89142eff60997430886066e300a7d
.pva.org/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.pva.org/	1970-01-21 01:20:12	Name: __hssc Value: 175373885.1.1732810727186
.hubspot.com/	1970-01-21 01:20:12	Name: __cf_bm Value: IU984L4IxHi7ydRTRjozmemQiuBn0se40dXPAx35iMo-1732810727-1.0.1.1-jvj641pMYwjTeJQHF4QZBTxD.yWNnw6gQF8ZRa1OxOW.Dd7IQVQa7GKZN3brMVYRCIiNB.mL7vXjpPpOvDyp2A
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: e7cfG9u7B5Ni4tI1bqO4jzMHlhzUH2sdDBzV9A5tdP0-1732810727355-0.0.1.1-604800000
.adnxs.com/	1970-01-21 10:56:10	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 10:05:46	Name: audit_p Value: 1\|YzP64zwv5IsaroAIDGLVUAtkc+torEY9lHc7WuLSQ+x2znW90u4+FdKh2TYPQutVUgem/BYe3LndcuVnQi+ATffq0lRWg1JcpX+27h+c8owMHy4iKYxo+XuOfkkQCCsCA9Fuqt52bNlACWjOUdpyIv9KRmDFnD1YhEtZT8gQU1NA19Uy18rCHHvP52PeI+dpTjbsxdxTQ5bDGh6be8AxUuYKY0xKXIv2BplwajK/o1u5PVrRjiekRCDzwQ8ksA7X6Hb7liXo8URO+SITq6Q0XxqOcBxvXnxDzkBo8GvWj1Y=
.rubiconproject.com/	1970-01-21 10:05:46	Name: khaos Value: M41IRMPD-A-ODF
.rubiconproject.com/	1970-01-21 10:05:46	Name: khaos_p Value: M41IRMPD-A-ODF
.rubiconproject.com/	1970-01-21 10:05:46	Name: audit Value: 1\|YzP64zwv5IsaroAIDGLVUAtkc+torEY9lHc7WuLSQ+x2znW90u4+FdKh2TYPQutVUgem/BYe3LndcuVnQi+ATffq0lRWg1JcpX+27h+c8owMHy4iKYxo+XuOfkkQCCsCA9Fuqt52bNlACWjOUdpyIv9KRmDFnD1YhEtZT8gQU1NA19Uy18rCHHvP52PeI+dpTjbsxdxTQ5bDGh6be8AxUuYKY0xKXIv2BplwajK/o1u5PVrRjiekRCDzwQ8ksA7X6Hb7liXo8URO+SITq6Q0XxqOcBxvXnxDzkBo8GvWj1Y=
.adsrvr.org/	1970-01-21 10:05:46	Name: TDCPM Value: CAESEgoDYWFtEgsI2MuJ6Mv0xz0QBRIWCgdydWJpY29uEgsI7oHk6sv0xz0QBRIXCghhcHBuZXh1cxILCNqr5OrL9Mc9EAUSFQoGZ29vZ2xlEgsIiMX68Mv0xz0QBRgFIAMoAzILCIDV5pfi9Mc9EAU4AUIEIgIIAVoHeDhrOGdzZ2AB

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://secure.pva.org/js/popper-1.14.7.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secure.pva.org/js/bootstrap-4.3.1.min.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	ALLOW-FROM https://secure.pva.org/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10339774.fls.doubleclick.net
ad.doubleclick.net
analytics.google.com
api.hubapi.com
b.stats.paypal.com
bat.bing.com
c.paypal.com
c6.paypal.com
checkout.paypal.com
client-analytics.braintreegateway.com
cnv.event.prod.bidr.io
connect.facebook.net
dpm.demdex.net
dx.steelhousemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
lvs.stats.paypal.com
match.adsrvr.org
ndn.statistinamics.com
payments.braintree-api.com
pva.gospringboard.com
px.steelhousemedia.com
script.crazyegg.com
secure.pva.org
stats.g.doubleclick.net
td.doubleclick.net
track.hubspot.com
use.fontawesome.com
ww.steelhousemedia.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
104.19.147.8
108.139.33.128
13.58.62.169
142.250.65.198
142.251.35.168
142.251.40.163
142.251.40.164
142.251.40.194
142.251.40.226
142.251.40.230
15.197.193.217
151.101.1.91
151.101.129.91
192.229.210.155
20.49.104.19
2001:4860:4802:36::181
2606:4700:3036::6815:1b98
2606:4700:4400::ac40:9310
2606:4700::6810:7574
2606:4700::6810:8dd1
2606:4700::6811:80ac
2606:4700::6811:afc9
2606:4700::6812:f46c
2607:f8b0:4004:c09::9b
2607:f8b0:4006:807::200e
2607:f8b0:4006:81e::200a
2607:f8b0:4006:821::2008
2607:f8b0:4006:823::2002
2620:1ec:33::10
2a04:4e42:600::291
3.219.134.92
3.33.220.150
31.13.80.12
31.13.80.36
34.238.149.65
35.235.122.5
44.212.189.233
44.238.216.23
50.16.247.172
52.207.43.21
54.244.159.189
0045273fe3b4f81665145a395346b335e13500f74c5812c323c581a88b47e97a
0151eb55297e3ff0f84a8951ee6b8b7d1adbea33531bc0cc0e69d1b7f3efcabc
01a0567df178f4841a6288926e99a3b74a974d9a94f9643893fb9f9a9e44e72f
09ff0198d435fbfbc2829ae315241cca177530681ffa3ce49ba3a6c4dbb646d6
0aed456a12bd061e676434377e12edea0d6b2eeb3f76645ce38c87a2595b8c3c
0fedb4e6f00b9609208055681d54acfd0f063fcab1b3e5d4f0692c3e12ad3242
101542819699ccf7a879dbbdf495b0caacf3daba3da5e11063a1dcdf23bcb3e5
1221e8a9c508e7ad674595555382544d81cc1941754f8a9bf7a5d8465f49f837
150a5122614b13408ab1fb2e698bc12fa07b0ae73a7ae878c5214c85ab413ae8
1644123838ea536a3945c0fffaaee2ccc7b760c568c751150860e5903eca0515
1fb3ffa29e4df9c616dfdd2c1276520d936fab57715003be354a9a102e45ce03
202da7243545e62a15c917c50faa62d059cfd74b025ab27f3ade1684e6683c0a
243a883105300b38802320171655c86d0f974ebc339a319228b9d91363eb93be
3a7714daa93075de11e668bc163964cccc1d154d5255149a7c5d6baa4cd47291
3e1ddbec6cde27710c2d308740a8a0d75b967a827cdceecd9037f99b90392fa3
3f5dd33d2091c85b1a7fa704a328f5867c1098e2d2322db6ad8efefbeade2d0d
42332c827deb541404462fc045c3fb33abd45df5fd5cda0dbb5ed3530c0922ac
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43
4be2cdeae1f01d1d26d84abb918b4727807d5b074b75a882c2c1bdab4f99b2d5
4dc53133232dc7c448cc727f18d1649c2901e23c0547498703935d3c90e11a19
51cf588293c4536085a417dc54e8758ff104c2398553ebef3651c8ba563cf742
521d139111678ca592e1257647209d4cbf181623ac786da00da7fb4b9159a15a
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
536828b57676df3c3fbc5cf716ec5b8745dd234a1ab0c561ea56c489e9929f27
661f0f86374715cacb9539e4bb666d6f0e65c918abc36ec4f9adf255b8679f21
66f8ad6fe4a2109e0118ba82570f350f1a77b4d284c539e86060297aeb0cd723
6cc35ca80a8e729541e15198c3a17d1c338d1df6f7eb7bf086ad1fafaee47313
72519eb1bb5db7ea8a7cd8f81ba5acb92df6a034e6c2222684d9e1fc02fa5841
72561daecad9d07460125458467e9c4ae115aa992bf99bf5856d7606519be13c
72b438281f99c6f09df7be716564cbf0fe049fcd23b137e60de2ca46576d4e23
74a8f3cd52f6e6b619021cb1e993aafce21e5a5c267770c5317b0ef6d8bb6eb3
74c3e2888f4c583eca027b07d8765771f99c34fca56613283e5a1a748d9706ba
7730b05ed2ba475dcbf7e6118d4d2b195cf13ea6e0a1966ad91a731b4f22726a
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
7a28aac0c4a655aa4386acb5826dbcd028932158671feb17cacebaf50117cc7a
7cef4210e5cde6c7f0dc2a865107d14a042b18b42391eeca2847d3942cb43786
836dc595eef9d30906d592cb443cef44e91a0ca4e63b61eb094a5987130e7614
8996c4050cf02c4bdb0ad2c120f3c77d72a8fb033b70e5ff7a5c32cf071ca4fc
90334a765f331b0057bda6976d556f14e1795fb8a8dafd9259c4f8cf3fd50a26
964a06105763847fb29c64db92df4909f3406d0a14fcfa26e39f488f9f542e3d
9909b4d889445b2a5d83e7d1dfabe303cc01fd45ea8a4e00e47ae6d432161a19
995da7831c463b9fb934f20b6d698eba8a0ab94c64a1b7bbb2915ebe9ef20624
9af4a2d59c6a38155eac111dd46de3b97a8b6cbf3debccb7c1d3b9705dcb2946
9c301048d2f6d7740392c8cca42bd6f53fabb21c8ff92a82e510b0dd9c3a46c3
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
b5a102aed533390e53f0c3da4a28fd5a0c882afb2d67abd36ae78e418f2d9e5d
b78af013ab11e2dd049f6a054a7b8d421cd22d6ec4cf8a78c3377c0fb8046ef4
c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e
c667218153719151d614873b497555ca7b17bac0946adce5ca9a3407bc3c6328
c73336ae45f9d2cbf9ce5aed0b62cf662ef292c1dbd2ebb5e5c29fd11d2c77fe
ca17697042f4b65cfbd37638ef574652e0e18aefcad70ae502212d430270efd1
cd5ff1180bde508f5fb754d01c796a6dffe1192f0fe2ecc373bf39a9f59afb25
cd7d76c17a22a13525ff9eb5b6d87f4ee28b1897d8ce27e3e93d0c5988ba0f3d
d87a359d6aa6c271d264b80853c79b1665a44ee02b41acb22ca28749cbb5cb62
d8a8fb066e96723161e96e1eef424ef7dd67afd9325384a9e929941139961b31
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc949864a6647da9cacca605e3c4b61903182b034d4ee995e2b2b15550fb9b00
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e066e73bfc3a14b42003f6382dcdc86bd6f3343d5cb01c7e1e995192461c0da8
e199e5a350de0e376a152d733453da57b812a01704c8f8ac604e128428cd72a2
e30966cd85463012960378b6cdd71c73a9ffa7e16d47c0f0f19d663cd63c0a47
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422018cd78c3507e76970cf024bfdbdad700cdce97ad3d0207ea668b3808015
e4e4793845d12dc4cdc83ef651f925bdd85ddf29ba27b41d30f5c634fd7f5bea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9a4644b5864e851709baa6a9f23a208002439ae117f87b5c6808a2bacf6fa1
f4393c9ed78d260b6896b8aeb780f2af68c393ae3b89481d32f96ea39f69ab76
f9db89376b035b63954f5b8a4abdef693e8a5fc26540a844102cf9bbe4a09904
ff7276ef42415e952f50d6801d44b5c51cd4d21241b2c924d64e22f0db025959

secure.pva.org Open in urlscan Pro 151.101.1.91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

115 Requests

96 %HTTPS

37 %IPv6

27 Domains

40 Subdomains

40 IPs

3 Countries

1663 kBTransfer

4481 kBSize

40 Cookies

4 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.pva.org Open in urlscan Pro
151.101.1.91 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

96 %
HTTPS

37 %
IPv6

27
Domains

40
Subdomains

40
IPs

3
Countries

1663 kB
Transfer

4481 kB
Size

40
Cookies

115 HTTP transactions
0 data transactions