givenow.lls.org Open in urlscan Pro
2606:4700::6812:7115 Public Scan

URL: https://classy.org/give/299329/#!/donation/checkout
Title: Donar

URL: https://www.lls.org/ways-to-donate/donate-crypto
Title: here

URL: https://www.classy.org/terms/
Title: Terms of Service

URL: https://www.classy.org/terms/privacy/
Title: Privacy Policy

URL: https://www.classy.org/terms
Title: Terms of Service

URL: https://www.classy.org/terms/privacy
Title: Privacy Policy

URL: https://www.lls.org/sites/default/files/2021-08/Donate-by-mail-form-8-21.pdf
Title: mail

URL: https://www.charitynavigator.org/index.cfm?bay=search.summary\u0026amp;orgid=3993

URL: https://www.guidestar.org/profile/13-5644916

URL: https://greatnonprofits.org/org/the-leukemia-lymphoma-society

URL: https://www.charitywatch.org/charities/leukemia-lymphoma-society

URL: https://www.lls.org/article/refund-policy?_ga=2.131356364.2115204755.1657652971-145610482.1654635694
Title: Refund

URL: https://www.lls.org/article/privacy-policy?_ga=2.131356364.2115204755.1657652971-145610482.1654635694
Title: Privacy

URL: https://www.lls.org/article/copyright?_ga=2.124539465.2115204755.1657652971-145610482.1654635694
Title: Copyright

URL: https://www.lls.org/article/security?_ga=2.124539465.2115204755.1657652971-145610482.1654635694
Title: Security

URL: https://www.lls.org/article/disclaimer?_ga=2.124336969.2115204755.1657652971-145610482.1654635694
Title: Disclaimer

server-99-86-4-127.fra6.r.cloudfront.net

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://givenow.lls.org/ HTTP 301
https://givenow.lls.org/give/342076/

Request Chain 97

https://app.five9.com/consoles/SocialWidget/five9-social-widget.css?_=1673042041078 HTTP 302
https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1673042041078

Request Chain 158

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=allpg;cat=allpgst;ord=9794254754366;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329 HTTP 302
https://8977078.fls.doubleclick.net/activityi;dc_pre=CJSW5qT3s_wCFZZKHgIdWMwGrg;src=8977078;type=allpg;cat=allpgst;ord=9794254754366;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329

Request Chain 159

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=allpg;cat=allpgun;ord=1;num=6731382044559;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329 HTTP 302
https://8977078.fls.doubleclick.net/activityi;dc_pre=CIWY5qT3s_wCFc5dwgodJiMN6g;src=8977078;type=allpg;cat=allpgun;ord=1;num=6731382044559;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329

Request Chain 167

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3DD69E3ACC-C6D4-0564-6CFA-50FDE3A78112&cb=572595888166258500 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3DD69E3ACC-C6D4-0564-6CFA-50FDE3A78112&cb=572595888166258500&dcc=t

Request Chain 178

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=app_star;cat=donatest;ord=1;num=4028160918469;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329 HTTP 302
https://8977078.fls.doubleclick.net/activityi;dc_pre=CO317qT3s_wCFWtIHgIdMTkOcA;src=8977078;type=app_star;cat=donatest;ord=1;num=4028160918469;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329

Request Chain 180

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3D06787E10-5A17-6174-3CE8-F95746AEC685&cb=231886234244300000 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3D06787E10-5A17-6174-3CE8-F95746AEC685&cb=231886234244300000&dcc=t

Request Chain 214

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/779965559/?random=1287856254&cv=11&fst=1673042041765&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=2037552884.1673042042&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=eZi4Y5LZMofsxwKE8oLYBQ&sscte=1&crd=&eitems=ChAIgKrfnQYQ3b3h1sKk-9I_Eh0AAVm9eWo4DEA6h9m559MEGre85zq4Wo7MEa0AOQ&pscrd=Ek5DaEFJZ0tyZm5RWVFtOGpFMzRqaTR0TlhFaVlBVFhfTWFiemctR08weTh2LWpiZ0tScG83cnJKWXVoN2Zqal9zWV92RTB0MDdUcjlzaFEaWENoQUlnS3JmblFZUW5yT0o1b0RLbjhFR0VpNEFDRURVMjcza1RIcU05XzhhZTZCLTZPY0RORTNlckFOcnVPUnV5RXlVYjNzZjhFN2ZCclpkYmlWenpGSVg HTTP 302
https://www.google.com/pagead/1p-conversion/779965559/?random=1287856254&cv=11&fst=1673042041765&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=2037552884.1673042042&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0tyZm5RWVFtOGpFMzRqaTR0TlhFaVlBVFhfTWFiemctR08weTh2LWpiZ0tScG83cnJKWXVoN2Zqal9zWV92RTB0MDdUcjlzaFEaWENoQUlnS3JmblFZUW5yT0o1b0RLbjhFR0VpNEFDRURVMjcza1RIcU05XzhhZTZCLTZPY0RORTNlckFOcnVPUnV5RXlVYjNzZjhFN2ZCclpkYmlWenpGSVg&is_vtc=1&ocp_id=eZi4Y5LZMofsxwKE8oLYBQ&cid=CAQSKQDq26N9gwj6YbkYaqkaZE3YWDmtXk_HWAWpCp4ljnpJ1WFc3FkcPdG9IBM&eitems=ChAIgKrfnQYQ3b3h1sKk-9I_Eh0AAVm9eSz1VlUoZlgiyF9_XRVHx3UZZ-aSiVq5zw&random=2824570186 HTTP 302
https://www.google.de/pagead/1p-conversion/779965559/?random=1287856254&cv=11&fst=1673042041765&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=2037552884.1673042042&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0tyZm5RWVFtOGpFMzRqaTR0TlhFaVlBVFhfTWFiemctR08weTh2LWpiZ0tScG83cnJKWXVoN2Zqal9zWV92RTB0MDdUcjlzaFEaWENoQUlnS3JmblFZUW5yT0o1b0RLbjhFR0VpNEFDRURVMjcza1RIcU05XzhhZTZCLTZPY0RORTNlckFOcnVPUnV5RXlVYjNzZjhFN2ZCclpkYmlWenpGSVg&is_vtc=1&ocp_id=eZi4Y5LZMofsxwKE8oLYBQ&cid=CAQSKQDq26N9gwj6YbkYaqkaZE3YWDmtXk_HWAWpCp4ljnpJ1WFc3FkcPdG9IBM&eitems=ChAIgKrfnQYQ3b3h1sKk-9I_Eh0AAVm9eSz1VlUoZlgiyF9_XRVHx3UZZ-aSiVq5zw&random=2824570186&ipr=y&prhg=0&ezwbk=AZuM4hAqHzEmguncNM8b9elG7CIx6DuAJ3tkddq1jk5zXnms6RDNeabyNgRdyaVbE9cWcVv1CamI6s88xef2utJcJb8t

Request Chain 215

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=1712692098&cv=11&fst=1673042041767&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=2037552884.1673042042&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=eZi4Y4vbMtrh1gaIpayAAw&sscte=1&crd=&eitems=ChAIgKrfnQYQ3b3h1sKk-9I_Eh0AAVm9eQfeTUYvXZYmiBWv-yQWVYTBtrmIGnOmNw&pscrd=Ek5DaEFJZ0tyZm5RWVFtOGpFMzRqaTR0TlhFaVlBVFhfTWFiemctR08weTh2LWpiZ0tScG83cnJKWXVoN2Zqal9zWV92RTB0MDdUcjlzaFEaWENoQUlnS3JmblFZUW5yT0o1b0RLbjhFR0VpNEFDRURVMjJOTmtralh6SXVmdGtiUkMxbk15QkgwYjV0RndDV0RWQWFvMTNfUjNHZWN6NXdiTXhsWk11UEo HTTP 302
https://www.google.com/pagead/1p-conversion/1070099938/?random=1712692098&cv=11&fst=1673042041767&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=2037552884.1673042042&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0tyZm5RWVFtOGpFMzRqaTR0TlhFaVlBVFhfTWFiemctR08weTh2LWpiZ0tScG83cnJKWXVoN2Zqal9zWV92RTB0MDdUcjlzaFEaWENoQUlnS3JmblFZUW5yT0o1b0RLbjhFR0VpNEFDRURVMjJOTmtralh6SXVmdGtiUkMxbk15QkgwYjV0RndDV0RWQWFvMTNfUjNHZWN6NXdiTXhsWk11UEo&is_vtc=1&ocp_id=eZi4Y4vbMtrh1gaIpayAAw&cid=CAQSKQDq26N99_1lGkSygFsz4nKQG3RfnsdaqexMYPRSQ4NvtnsfDwcPqbFnIBM&eitems=ChAIgKrfnQYQ3b3h1sKk-9I_Eh0AAVm9ecRAP6ARc0TMM5bWlVvDS4tkKwk1cPIApA&random=3336243522 HTTP 302
https://www.google.de/pagead/1p-conversion/1070099938/?random=1712692098&cv=11&fst=1673042041767&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=2037552884.1673042042&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0tyZm5RWVFtOGpFMzRqaTR0TlhFaVlBVFhfTWFiemctR08weTh2LWpiZ0tScG83cnJKWXVoN2Zqal9zWV92RTB0MDdUcjlzaFEaWENoQUlnS3JmblFZUW5yT0o1b0RLbjhFR0VpNEFDRURVMjJOTmtralh6SXVmdGtiUkMxbk15QkgwYjV0RndDV0RWQWFvMTNfUjNHZWN6NXdiTXhsWk11UEo&is_vtc=1&ocp_id=eZi4Y4vbMtrh1gaIpayAAw&cid=CAQSKQDq26N99_1lGkSygFsz4nKQG3RfnsdaqexMYPRSQ4NvtnsfDwcPqbFnIBM&eitems=ChAIgKrfnQYQ3b3h1sKk-9I_Eh0AAVm9ecRAP6ARc0TMM5bWlVvDS4tkKwk1cPIApA&random=3336243522&ipr=y&prhg=0&ezwbk=AZuM4hDHsmUIscuQQE2rlGc4i81TtM_xOBeerE9vCEc17aT-HHKoj-ICRUrxeu41mLyrrbLC1QlD1F-khG5cKuCBtI8c

Request Chain 242

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=1653915636&cv=11&fst=1673042041984&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=2037552884.1673042042&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=epi4Y49qhaHXBq_RhcAO&sscte=1&crd=&eitems=ChAIgKrfnQYQ3b3h1sKk-9I_Eh0AAVm9eamvJbh44oxsmUE2xjwrfQi-hHNbbgAcwQ&pscrd=Ek5DaEFJZ0tyZm5RWVFtOGpFMzRqaTR0TlhFaVlBVFhfTWFiemctR08weTh2LWpiZ0tScG83cnJKWXVoN2Zqal9zWV92RTB0MDdUcjlzaFEaWENoQUlnS3JmblFZUW5yT0o1b0RLbjhFR0VpNEFDRURVMjhpY0pDTGl5M0JDOV9OVEdrOU5CM19TSGkxNThYUmNXUEgyLWtVbkdyM0tDWUYxU1d6XzZHazA HTTP 302
https://www.google.com/pagead/1p-conversion/1070099938/?random=1653915636&cv=11&fst=1673042041984&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=2037552884.1673042042&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0tyZm5RWVFtOGpFMzRqaTR0TlhFaVlBVFhfTWFiemctR08weTh2LWpiZ0tScG83cnJKWXVoN2Zqal9zWV92RTB0MDdUcjlzaFEaWENoQUlnS3JmblFZUW5yT0o1b0RLbjhFR0VpNEFDRURVMjhpY0pDTGl5M0JDOV9OVEdrOU5CM19TSGkxNThYUmNXUEgyLWtVbkdyM0tDWUYxU1d6XzZHazA&is_vtc=1&ocp_id=epi4Y49qhaHXBq_RhcAO&cid=CAQSKQDq26N9Pt3QWpC4WNwjdQwYtryyyjahy4N2nF4Y8PwyNK3Z5mBoVcCiIBM&eitems=ChAIgKrfnQYQ3b3h1sKk-9I_Eh0AAVm9ebzyuBHlV8c03rGx06k8x1aYK3Qq6QXNqg&random=3222556992 HTTP 302
https://www.google.de/pagead/1p-conversion/1070099938/?random=1653915636&cv=11&fst=1673042041984&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=2037552884.1673042042&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0tyZm5RWVFtOGpFMzRqaTR0TlhFaVlBVFhfTWFiemctR08weTh2LWpiZ0tScG83cnJKWXVoN2Zqal9zWV92RTB0MDdUcjlzaFEaWENoQUlnS3JmblFZUW5yT0o1b0RLbjhFR0VpNEFDRURVMjhpY0pDTGl5M0JDOV9OVEdrOU5CM19TSGkxNThYUmNXUEgyLWtVbkdyM0tDWUYxU1d6XzZHazA&is_vtc=1&ocp_id=epi4Y49qhaHXBq_RhcAO&cid=CAQSKQDq26N9Pt3QWpC4WNwjdQwYtryyyjahy4N2nF4Y8PwyNK3Z5mBoVcCiIBM&eitems=ChAIgKrfnQYQ3b3h1sKk-9I_Eh0AAVm9ebzyuBHlV8c03rGx06k8x1aYK3Qq6QXNqg&random=3222556992&ipr=y&prhg=0&ezwbk=AZuM4hBFjdf3a426wxwP8sjI6fwzYWfnTehbE1i33_aRPjUiUENjBQZn1XJnMY8NhnNDAiepvgNnITPoEQ6iE7QIThVG

Request Chain 288

https://ib.adnxs.com/setuid/a9?entity=188&code=j9c5Z-9pQQ-vApxY402dNw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3Dj9c5Z-9pQQ-vApxY402dNw%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=j9c5Z-9pQQ-vApxY402dNw

Request Chain 290

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=216643104388004173541&ex=neustar.biz

Request Chain 291

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=QQ3IDBdpTYacId2KybnCxA&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=QQ3IDBdpTYacId2KybnCxA&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y7iYe2ffYTb1bwbo7.IQ7wAA

Request Chain 292

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=bea1ee2e06458b51c35cee6449a057a2

Request Chain 293

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 294

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=drh4tDA5RBy2UDSyR6JMPA HTTP 302
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=drh4tDA5RBy2UDSyR6JMPA&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=drh4tDA5RBy2UDSyR6JMPA

Request Chain 295

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=100d7882-a768-467d-a275-2a412892e40d

Request Chain 298

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=9a57883b9652f576c717cf463c88c&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 299

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 301

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=649c145b-9fb1-4d39-a5ba-1dd4bc575a91&ex=improvedigital.com

Request Chain 304

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=108f7e8870e7684a3

Request Chain 305

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_w_Xuyw9TP-vp1Ry7SzV6Q&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_w_Xuyw9TP-vp1Ry7SzV6Q

Request Chain 306

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=z9CYHl3NRtOZPpDP2Ltycg&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=9a57883b9652f576c717cf463c88c&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=z9CYHl3NRtOZPpDP2Ltycg

Request Chain 307

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=NuMzbFHSRV-li9dUye0JqA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=NuMzbFHSRV-li9dUye0JqA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=68759795453490829272162014616671581646

Request Chain 308

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=R65LfLyMQhutEqPKcgcoSg HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10810468695687822049&gdpr=&gdpr_consent=

Request Chain 310

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4159758543587229001

Request Chain 311

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=a30a2462-8e0c-11ed-b826-10ffbde80106 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=a30a240b-8e0c-11ed-b826-10ffbde80106

Request Chain 312

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%224b4985db-fc35-48d8-be24-945abaec051c%22,%22Time%22:%2220230106T215404.457029%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=4b4985db-fc35-48d8-be24-945abaec051c

Request Chain 313

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEBIlx2QcC4qVYofuNdE0x3w&google_cver=1

Request Chain 315

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=ae1c9a0497064bc0515af7e95d441437

Request Chain 317

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KuqvSzfrK06FPUXclod-2jc4fOY4ZgAC

Request Chain 319

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=3D034CC802C210A1

Request Chain 320

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=7138640488935283442&ex=appnexus.com

Request Chain 321

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=QS5RIGkyRq6vX1K-oSUqlg&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=QS5RIGkyRq6vX1K-oSUqlg

Request Chain 322

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=q-lYM_eBe2VXETWmumbQQg&ex=rubiconproject.com&status=ok

Request Chain 323

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=Hrf-UiTBQU2cR8xfBWzoWg& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 325

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=2D1EC8687D98B8632A05926A0290D306

Request Chain 326

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=9675b825e596dcbb2b7fb8c3e5a35970de10a639eae49afb02c7b46920cd0073

Request Chain 327

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=2AB4A885-FB64-43E3-86FB-6C827D235BA0

Request Chain 328

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=495fc65c-b759-4ec5-9e21-3d53fbe5de42-tuctab21dfd

Request Chain 329

https://ib.adnxs.com/setuid/a9?entity=188&code=qM2GgdwOTc-27_SCR8_5OA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DqM2GgdwOTc-27_SCR8_5OA%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=qM2GgdwOTc-27_SCR8_5OA

Request Chain 331

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=217293104388004174795&ex=neustar.biz

Request Chain 332

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=tw6YeTIUSP-sXKm64aw-tg&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=tw6YeTIUSP-sXKm64aw-tg&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y7iYe2ffYTb1bwbo7.IQ7wAA

Request Chain 333

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=bea1ee2e06458b51c35cee6449a057a2

Request Chain 334

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 335

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=qzXXB6ZGSoKvuyh-rM_dEg HTTP 302
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=qzXXB6ZGSoKvuyh-rM_dEg&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=qzXXB6ZGSoKvuyh-rM_dEg

Request Chain 336

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=100d7882-a768-467d-a275-2a412892e40d

Request Chain 339

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8a8caf9aad1e450cc56c3fc44784438&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 340

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 342

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=649c145b-9fb1-4d39-a5ba-1dd4bc575a91&ex=improvedigital.com

Request Chain 345

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=108f7e8870f54a9c1

Request Chain 346

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TxwjPwSaTUm6tA8MY9ZyJA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TxwjPwSaTUm6tA8MY9ZyJA

Request Chain 347

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=ACFIgt2kTQS91eqO8uckjg&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=9a57883b9652f576c717cf463c88c&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=ACFIgt2kTQS91eqO8uckjg

Request Chain 348

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=BGbeJ4x5SviuZaNsXQ9JsQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=BGbeJ4x5SviuZaNsXQ9JsQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=10130620350127968431254472599299687230

Request Chain 349

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=YigD3SuATsGkvcCE_XlVhQ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10814972294704124534&gdpr=&gdpr_consent=

Request Chain 351

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=8911594852075945587

Request Chain 352

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=a3098026-8e0c-11ed-b7fc-17f3d7a10506 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=a3097fc9-8e0c-11ed-b7fc-17f3d7a10506

Request Chain 353

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22e1591583-d9e4-4039-9807-4abd7efe300e%22,%22Time%22:%2220230106T215404.458523%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=4b4985db-fc35-48d8-be24-945abaec051c

Request Chain 354

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEBIlx2QcC4qVYofuNdE0x3w&google_cver=1

Request Chain 356

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=ccaaf5b9f936f34f770a2aff84167946

Request Chain 358

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KuqvSzfrK06FPUXclod-2jc4fOY4ZgAC

Request Chain 360

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=3D034CC802C210A1

Request Chain 361

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=7138640488935283442&ex=appnexus.com

Request Chain 362

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=hE0w27S4SC6-hrbtAva_Ww&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=hE0w27S4SC6-hrbtAva_Ww

Request Chain 363

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=3ogNW9S9Y3U-FIvkwGLwaA&ex=rubiconproject.com&status=ok

Request Chain 364

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=Rm8HOrRlThqUaaxEzUB32w& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 366

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=2D1EC8687D98B863D804A66202510503

Request Chain 367

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=9675b825e596dcbb2b7fb8c3e5a35970de10a639eae49afb02c7b46920cd0073

Request Chain 368

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=DDECCB36-8099-4B00-907A-15719DD1D192

Request Chain 369

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=5754ff86-f0e3-48bf-8aa1-3a2b5838f149-tuctab21dfd

372 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
givenow.lls.org/give/342076/ 416 KB
64 KB 1048ms
1001ms Document
text/html 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

900e1e938e87ba5716e520e3815408345bda2a14a8e61c05d9af3553f13ac3d1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7857b07fccd29b5d-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=utf-8
date: Fri, 06 Jan 2023 21:53:58 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 main.css
prod-frs.content.classy.org/prod/17609/static/frs/ 1 MB
141 KB 106ms
61ms Stylesheet
text/css 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17609/static/frs/main.css

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01a2d69a665afe110666c55d69f3a8fc443644b5f8350d909b079b8b28301968

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:53:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: W74WQYMGK6XTCVXF
age: 4514
cf-polished: origSize=1110884
x-amz-id-2: dga/a8W8im82HXg0HF/whL9+VthVkyR89ycpJo0YWsQr4/EIjtCQkWX9yiD4uKwQjzxKAGTST3Q=
cf-bgj: minify
last-modified: Thu, 15 Dec 2022 19:04:33 GMT
server: cloudflare
etag: W/"30f97d02132cda013558e1cee5fde89b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 7857b086eee05c7a-FRA

GET
H2 200 ddplugin.css
doublethedonation.com/api/css/ 145 KB
20 KB 381ms
182ms Stylesheet
text/css 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/css/ddplugin.css
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b4cb861c0a96921bd708714737d480605c5328b0be8f182c8865ca12e8b694d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:53:59 GMT
content-encoding: br
last-modified: Tue, 03 Jan 2023 18:31:03 GMT
server: nginx
etag: "63b47467-4ffe"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=600;
content-length: 20478

GET
H2 200 rocket-loader.min.js Show response
givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 05 Jan 2023 11:26:13 GMT
server: cloudflare
content-encoding: gzip
etag: W/"63b6b3d5-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7857b087dc4b9b5d-FRA
expires: Sun, 08 Jan 2023 21:53:59 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 80ms
62ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://givenow.lls.org/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:53:59 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7857b087f957bbe6-FRA

GET
H2 200 onetrustConsent-1539020710655.js Show response
prod-frs.content.classy.org/prod/17609/static/onetrust/ 50 KB
12 KB 35ms
33ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17609/static/onetrust/onetrustConsent-1539020710655.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: W74QDYB20N01SWYK
age: 3146
cf-polished: origSize=54583
x-amz-id-2: SA5GeMF7DJK/NW498uhf2UDWBP0xjHPxrlDBUZ8iwimpv9UPlA5cQdvmwmsffH/B9YC335bYLXg=
cf-bgj: minify
last-modified: Thu, 15 Dec 2022 19:04:34 GMT
server: cloudflare
etag: W/"64c3a4446a1c238c4df7f2db78163772"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7857b0891a875c7a-FRA

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ 18 KB
5 KB 530ms
126ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9e7d595f9089209fce023a961d31ea386f600d32a44094e000d830bc7bdd4e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 06 Jan 2023 21:53:59 GMT
last-modified: Tue, 27 Dec 2022 17:02:11 GMT
etag: "802bd2f5141ad91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4568
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 7 KB
3 KB 47ms
28ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:53:59 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 27404243
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FWKTFYANCDM24T97NPXK93TN-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7857b0893af66925-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/17609/static/frs/donation/ 182 KB
37 KB 38ms
36ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17609/static/frs/donation/module.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8e1fbbfaf3c1c74fc8f9928bee5efaa5a24c058378512cd9cfc3f10b2d7848b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 19:04:33 GMT
server: cloudflare
x-amz-request-id: 0MX6G3VT9RBKY0SC
age: 15875
etag: W/"b9a66d36f9d531edbd137e2408bd428a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7857b0891a8d5c7a-FRA
x-amz-id-2: O05DSl4erEy9Ov/0RxSx48mnnuw2Fu/IqvbUDJMvxPNlzKKNxbQpFJrHklq3jpUWoxYS+k+n306iddiLmBl07g==

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/17609/static/global/ 2 MB
367 KB 53ms
51ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17609/static/global/module.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eab19f9ced32f355ff136aee0888cfc1b285635fe1d7eda134f3e9a14cbb4a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 19:04:34 GMT
server: cloudflare
x-amz-request-id: W74NJ9GFYYYX3QH0
age: 4787
etag: W/"909ab5ffa09b1236b46c0a9dff817fbe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7857b0891a8f5c7a-FRA
x-amz-id-2: B9fa/k/BNBnBoEqdNc7q3TBCDHeCwgw1LpZkhYJXwByXh3iuokUmz+Fm1+trlBjptHC+SZPSR3c=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/17609/static/global/ 1 MB
430 KB 43ms
41ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17609/static/global/libs.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 19:04:34 GMT
server: cloudflare
x-amz-request-id: W74M9VRSF2SDCHHK
age: 4787
etag: W/"772e1301b871cc2545926cb86ee5965f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7857b0891a935c7a-FRA
x-amz-id-2: dzd4EiEjOFLWZ11op0AbY/nIG9YrSAQV6uKyRZDmSgUL0tr8cC43u3RIptdhUDliYRNfa8t3vVM=

GET
H2 200 braintree.js Show response
js.braintreegateway.com/v2/ 175 KB
50 KB 98ms
7ms Script
application/javascript 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/v2/braintree.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2f57fab97c15bf3519176fcd494f12d36d24ca3d761a787a1e66a1058bc6b30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:53:34 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 04 Jan 2023 18:48:40 GMT
server: nginx
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"63b5ca08-2bc3c"
age: 3625
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: Xays2vzsSYyW_p-ql250j5C9m8IO_QoBo6xKq3XSmk7XT4Tj8EGAZw==
expires: Sat, 07 Jan 2023 20:53:34 GMT

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 109 KB
37 KB 86ms
31ms Script
application/javascript 65.9.66.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-20.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b8e8cbd04eeea4aa57212c9796632e0ce3c9d58515901f3623bd0d868c95102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: jUqvYM98uBukg7aGOq5lzPOlbgsnec5N
content-encoding: gzip
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
date: Fri, 06 Jan 2023 20:22:27 GMT
x-amz-request-id: JKW49M3J4Y0YNGC6
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 5543
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: /j9zkEPWkqHJsWsjbVxsZHZ40LEe5T/gcJsRGqydY1K9EwZb21yRxXabhrQW27dbqEoBu6IzJ2laCWrsStFQRw==
last-modified: Thu, 05 Jan 2023 19:58:26 GMT
server: AmazonS3
etag: W/"a267786ba40cec195cf4227040f2b75a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: ZXsaCkeopvaptPwHaoWCCiA3uSv-_nyirj739wQFENMFNZyq61Ubmg==

GET
H2 200 / Show response
js.stripe.com/v3/ 414 KB
100 KB 130ms
22ms Script
text/javascript 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a104-96-92-79.deploy.static.akamaitechnologies.com

Software

Cloudfront /

Resource Hash

9104ad43e2a9b75023e3e08ca58033c8850a9392007d109ac43847cd9b3f8616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 06 Jan 2023 21:53:38 GMT
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 24
x-cache: Hit from cloudfront
last-modified: Fri, 06 Jan 2023 21:28:22 GMT
server: Cloudfront
etag: W/"51e4bb7721625693a6f67474c52ae7c3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: S8sYLws9rRYHZ_ug09UF3QMbjqXoR-E7gLxPl4YCnUlMObkEnaPCdQ==

GET
H2 200 20864580600.js Show response
cdn.optimizely.com/js/ 441 KB
118 KB 114ms
41ms Script
text/javascript 2a02:26f0:dc:38e::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/20864580600.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:38e::13b8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

505cdbac9b420f42f0042aed23d13484633275ed1dd1423ea2cdc51fd1ea163f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: WwZlRdMtXxaYovXXm5OX19IhVb8jLDwz
content-encoding: gzip
date: Fri, 06 Jan 2023 21:53:59 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: 4280FZB3Z9R86T38
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 2964
x-amz-replication-status: COMPLETED
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="20";dur=0,cdnip;desc="2a02:26f0:dc:38e::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
content-length: 119743
x-amz-id-2: jWSiKWZ8m9oTJievTojw4KK/lFhxs4V9DTlX8hhYQyVFCeh9GKEmupcBSaHAI3I3bNgEY6UsJRXMM0vbSmKK2Q==
last-modified: Fri, 06 Jan 2023 20:33:31 GMT
server: AmazonS3
etag: "beda98f4922734b2884a40ff9615230d"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 ddplugin.js Show response
doublethedonation.com/api/js/ 431 KB
92 KB 92ms
91ms Script
text/javascript 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/js/ddplugin.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 284566894edf74d4218651b8deba4618d26f57b1f075a6d11831554e5a32d16a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:53:59 GMT
content-encoding: br
last-modified: Tue, 03 Jan 2023 18:31:02 GMT
server: nginx
etag: "63b47466-16eaa"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=600;
content-length: 93866

GET
H2 200 a20864580600.html Show response
a20864580600.cdn.optimizely.com/client_storage/ Frame B5EB 3 KB
2 KB 225ms
162ms Document
text/html 104.96.92.79
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a20864580600.cdn.optimizely.com/client_storage/a20864580600.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.96.92.79 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8af5f37fe9eeb5ef3eb17d72f394804600af016ed5ac75e2447bcaac34bcbe24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 1054
content-type: text/html; charset=utf-8
date: Fri, 06 Jan 2023 21:53:59 GMT
etag: "4f607a69e6975e1edb3b872076138760"
last-modified: Fri, 06 Jan 2023 20:33:23 GMT
server: AmazonS3
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="16";dur=0,cdnip;desc="104.96.92.79";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-amz-id-2: LIsvPVmiMTMTqAQkMnsybsiWIivWl1lwxALKo79ndZAHKuwyvwWejGmYUmQxT7kIsuiHhutSaYs=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: BHA7PYE04C9N5Y4E
x-amz-server-side-encryption: AES256
x-amz-version-id: FUyuQ70D9zB3VL5tSYzmw6PdIKX2N0F9

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 95ms
24ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 06 Jan 2023 20:27:13 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5206
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 06 Jan 2023 22:27:13 GMT

GET
H2 200 heap-1566116007.js Show response
cdn.heapanalytics.com/js/ 120 KB
38 KB 76ms
9ms Script
application/javascript 13.32.121.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1566116007.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-116.fra60.r.cloudfront.net

Software

nginx / Express

Resource Hash

76fb60559af657765a07d8d24a272eb3a1fb8c4a07b251d113663b2dd500100f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:53:08 GMT
content-encoding: br
via: 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: FRA60-P1
age: 51
x-powered-by: Express
etag: W/"1e164-bZPQhDpC1K05CotInYIesA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MdaBq9JpgCuRh2iASvsvnBcN3fWjrdZHjkg42m93SLwqgPNG2uScyg==

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 211ms
150ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://givenow.lls.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 06 Jan 2023 21:53:59 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 151ms
149ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Referer: https://givenow.lls.org/
Bugsnag-Sent-At: 2023-01-06T21:53:59.680Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 06 Jan 2023 21:53:59 GMT
via: 1.1 google
bugsnag-session-uuid: 16d6a0e7-613e-48d1-aa21-b388d13fc5f7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 932 KB
54 KB 342ms
273ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGKK4PM

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a13a07fe1bb6f9cc1bd6857a3fc0e4072a142957b67c695aea051526aa6bc350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54301
x-xss-protection: 0
last-modified: Fri, 06 Jan 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Jan 2023 21:54:00 GMT

GET
H2 200 sdk.js Show response
givenow.lls.org/sso/ 11 KB
3 KB 75ms
74ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/sso/sdk.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

ce3698a4611e0b39df537a8b3ff7db64efc1f77e76d278ba09ce19336deaa6d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 21:48:26 GMT
cf-bgj: minify
server: cloudflare
age: 333
cf-polished: origSize=21336
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 7857b08c1bcc9b5d-FRA
expires: Fri, 06 Jan 2023 22:08:26 GMT

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1453/ 0
45 KB 7ms
7ms Other
application/javascript 65.9.66.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1453/link-dynamic-loader.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-20.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: u6sj289bBTDkCqT0MMvTBmEhtHo7BFB1
content-encoding: gzip
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
date: Fri, 06 Jan 2023 20:21:51 GMT
x-amz-cf-pop: FRA56-C1
age: 42424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 05 Jan 2023 19:58:26 GMT
server: AmazonS3
etag: W/"1c4ea28b142a9e222adfadc6cfe81e43"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800
x-amz-cf-id: tRUB6f9N1IO9S4pvWksWb0c7mMC3gj-AO3bTZbyNuDtilj0J02GzHw==

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 346ms
100ms Image
image/gif 3.232.171.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3288217024203670&v=5574879191511763&s=2961511614876450&b=web&tv=4.0&z=0&g=%23!%2Fdonation%2Fcheckout&h=%2Fgive%2F342076%2F&q=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&d=givenow.lls.org&t=The%20Leukemia%20%26%20Lymphoma%20Society&us=sfmc&um=email&ua=ThankYou_20230106_National&ts=1673042039822&st=1673042039845

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.171.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 68B3 200 B
1 KB 20ms
19ms Document
text/html 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2022
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 06 Jan 2023 21:20:18 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Thu, 05 Jan 2023 22:04:14 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-id: uLvxfs-CaLYj0IARqIt1p0ChPXJ3FHbOChQgumZ9es45HwfToqgouA==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 552.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 21 KB
6 KB 23ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/552.2d6a2503-1220.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Jan 2023 21:53:59 GMT
x-amz-request-id: 0VBX1BWD3S1A6V8P
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5890
x-amz-id-2: pQ+jrNPUFKPfQ/gTJNpVZPsTUUUaoqSYT/RmuqthVo7lBwjCJux4bnlWYYDOD5Amd//bd70XbV0=
x-served-by: cache-hhn-etou8220089-HHN
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1673042040.868220,VS0,VE0
etag: "777ac0df4dba632ad1b2955c88dd51ac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5584

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
31 KB 83ms
50ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://givenow.lls.org/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:53:59 GMT
content-encoding: gzip
x-sp-metadata: HS256.CIfN4p0GEp8BCiRiZWZkOGUyYi1iMzIzLTQzMmItYjZkZS05NzE1N2M5ZDNlNWUQ+OiCoKvU+wIaBgj3sOKdBiIkMmEwMjo2ZWEwOmM3MWI6MDoxMDEyOmEwOTk6NjVjYzoxZDZhKJysAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkY2E5YWQwYjMtNTRlYS00OGY3LThlMTMtYWUwODI2YmJhNjM3GO3xASIYCAISFGNkczI1OC5mcjguaHdjZG4ubmV0.rx0TS0E+g+ZkLLVtY12MEdudBkJ9qpsVbOObEN8GNF0=
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
server: nginx
etag: W/"63090485-15e40"
vary: Accept-Encoding
x-hw: 1673042039.dop154.fr8.t,1673042039.cds228.fr8.hn,1673042039.cds258.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30957

GET
H2 200 optanon.css
prod-frs.content.classy.org/prod/17609/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/ 22 KB
6 KB 31ms
31ms Stylesheet
text/css 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17609/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 45R6DY4TE79ASXNW
age: 3140
cf-polished: origSize=22581
x-amz-id-2: EsB3x7g0UT4lDyI1oImGv2MQcRSnhBgFlMRm4r74jFrVo5dPxl7o5bXDqGGXo/sC2LF70f5Oq6k=
cf-bgj: minify
last-modified: Thu, 15 Dec 2022 19:04:34 GMT
server: cloudflare
etag: W/"5ec3a032a0370bd8e3f63adf430b4617"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 7857b08d18d15c7a-FRA

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
183 B 56ms
25ms Script
text/javascript 2606:4700::6812:1b55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery32105670216744905909_1673042039585&_=1673042039586

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7857b08d49bfbbb0-FRA
content-length: 32
vary: Accept-Encoding
content-type: text/javascript

OPTIONS
H2 200 /
notify.bugsnag.com/ Frame 0
0 199ms
151ms Preflight 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://givenow.lls.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version, Bugsnag-Integrity
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 06 Jan 2023 21:54:00 GMT
via: 1.1 google

OPTIONS
H/1.1 200 available_campaigns
app.five9.com/appsvcs/rs/svc/orgs/ Frame 0
0 588ms
112ms Preflight 198.105.202.32
FIVE9

General

Check archive.org

Show headers Download Go to

Full URL

https://app.five9.com/appsvcs/rs/svc/orgs/available_campaigns?tenantName=Leukemia%20Lymphoma%20Society&campaignNames=Donation_LLSClassy_Chat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.105.202.32 , United States, ASN36776 (FIVE9, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://givenow.lls.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,X-Requested-With,Accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,X-TS-AJAX-Request,f9-transaction-id,Date,apiRouteKey,uiRouteKey,farmId
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://givenow.lls.org
Access-Control-Expose-Headers: Content-Type,X-Requested-With,Accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,X-TS-AJAX-Request,f9-transaction-id,Date,apiRouteKey,uiRouteKey,Cache-Control,Content-Language,Expires,Last-Modified,Pragma,farmId
Access-Control-Max-Age: 3600
Allow: GET, POST, PUT, DELETE, OPTIONS
Date: Fri, 06 Jan 2023 21:54:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 81ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 06 Jan 2023 21:54:00 GMT
Content-Encoding: gzip
Age: 893
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Content-Length: 29221
x-amzn-internal-status: 304
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
Server: ECS (frb/67BE)
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 56ms
24ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa775b93bf75fb6c93c261cad367ba79069a1536e6139213af0b65cfccd43b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 06 Jan 2023 21:54:00 GMT

GET
H2 200 c.min.js Show response
cdn.c212.net/ 747 B
1 KB 44ms
7ms Script
application/javascript 2600:9000:206f:ee00:16:cfb1:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.c212.net/c.min.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ee00:16:cfb1:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 13:51:18 GMT
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jan 2020 19:12:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 28988
etag: "9f5634a151b9e5ecb2adec9462f783d6"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 747
x-amz-cf-id: wsQys4VqnR6o1s0SPJLAtnRSEbo0nREXdMuD2gSLaH1xWIsY-Qb3ZQ==

POST
H3 200 / Show response
notify.bugsnag.com/ 2 B
16 B 178ms
152ms XHR
text/plain 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version: 4.0
Referer: https://givenow.lls.org/
Bugsnag-Sent-At: 2023-01-06T21:54:00.155Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 06 Jan 2023 21:54:00 GMT
via: 1.1 google
bugsnag-event-id: 63b8987800a37a2a67a10000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8

GET
H/1.1 200 available_campaigns Show response
app.five9.com/appsvcs/rs/svc/orgs/ 177 B
2 KB 122ms
120ms XHR
application/json 198.105.202.32
FIVE9

General

Check archive.org

Show headers Download Go to

Full URL

https://app.five9.com/appsvcs/rs/svc/orgs/available_campaigns?tenantName=Leukemia%20Lymphoma%20Society&campaignNames=Donation_LLSClassy_Chat

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.105.202.32 , United States, ASN36776 (FIVE9, US),

Reverse DNS

Software

Resource Hash

74789324cd68507e9e6c29735b3853eed72430423be72baf3d0e28f15059bd05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/json

Response headers

Date: Fri, 06 Jan 2023 21:54:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Session-Expiration-Date: Sat, 07 Jan 2023 05:54:00 GMT
X-XSS-Protection: 1
Allow: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://givenow.lls.org
Access-Control-Expose-Headers: Content-Type,X-Requested-With,Accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,X-TS-AJAX-Request,f9-transaction-id,Date,apiRouteKey,uiRouteKey,Cache-Control,Content-Language,Expires,Last-Modified,Pragma,farmId
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Content-Type: application/json
Access-Control-Allow-Headers: Content-Type,X-Requested-With,Accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,X-TS-AJAX-Request,f9-transaction-id,Date,apiRouteKey,uiRouteKey,farmId

GET
H2 200 market-data Show response
givenow.lls.org/frs-api/crypto-giving/BTC/USD/ 36 B
194 B 464ms
462ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/crypto-giving/BTC/USD/market-data

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3490d053eef14970f5be8beba1e29d9fe64cf7e156a420d3983f732a6b30ca55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: Lx8b6iHr-8LcQ1y7BSIMoT21p3OcdebJthRg
tracestate: 423787@nr=0-1-423787-363751183-64e844b5db01afff----1673042040262
traceparent: 00-4de62aa108116a711d7733e03c49ca50-64e844b5db01afff-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2NGU4NDRiNWRiMDFhZmZmIiwidHIiOiI0ZGU2MmFhMTA4MTE2YTcxMWQ3NzMzZTAzYzQ5Y2E1MCIsInRpIjoxNjczMDQyMDQwMjYyfX0=
Accept: application/json, text/plain, */*
csrf-token: Lx8b6iHr-8LcQ1y7BSIMoT21p3OcdebJthRg
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"24-LDLdgzkB/qikmUJm5UMy3INt/T8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 7857b08faab69b5d-FRA
content-length: 36

GET
H2 200 tax-entities Show response
givenow.lls.org/frs-api/organizations/33874/ 397 B
314 B 927ms
926ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/organizations/33874/tax-entities

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecb8db5cce14758494b967647bf771905022f3e68363de55b7440e9f6b65615c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: Lx8b6iHr-8LcQ1y7BSIMoT21p3OcdebJthRg
tracestate: 423787@nr=0-1-423787-363751183-32c6aa8d16774575----1673042040267
traceparent: 00-5adbd494ea3f7eac1565778e5c046f80-32c6aa8d16774575-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzMmM2YWE4ZDE2Nzc0NTc1IiwidHIiOiI1YWRiZDQ5NGVhM2Y3ZWFjMTU2NTc3OGU1YzA0NmY4MCIsInRpIjoxNjczMDQyMDQwMjY3fX0=
Accept: application/json, text/plain, */*
csrf-token: Lx8b6iHr-8LcQ1y7BSIMoT21p3OcdebJthRg
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"18d-JccVDYLjkX8/sTUd67MWdvg9V/M"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7857b08faab89b5d-FRA

GET
H2 200 channels Show response
givenow.lls.org/frs-api/campaigns/342076/ 784 B
567 B 469ms
468ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/campaigns/342076/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6209385b2dff3d5c09c860be40500f80677b553033fc73754daf8f5ed86ee9dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: Lx8b6iHr-8LcQ1y7BSIMoT21p3OcdebJthRg
tracestate: 423787@nr=0-1-423787-363751183-2652bfdc59a9e620----1673042040268
traceparent: 00-3dd22c42b97dac00666e89b1ddda1650-2652bfdc59a9e620-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyNjUyYmZkYzU5YTllNjIwIiwidHIiOiIzZGQyMmM0MmI5N2RhYzAwNjY2ZTg5YjFkZGRhMTY1MCIsInRpIjoxNjczMDQyMDQwMjY4fX0=
Accept: application/json, text/plain, */*
csrf-token: Lx8b6iHr-8LcQ1y7BSIMoT21p3OcdebJthRg
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"310-t1SeSvQHE73QW/sU188g5IOTEgM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7857b08faabc9b5d-FRA

GET
H2 200 ach-account-routing Show response
givenow.lls.org/frs-api/organizations/33874/ 33 B
176 B 533ms
532ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/organizations/33874/ach-account-routing

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: Lx8b6iHr-8LcQ1y7BSIMoT21p3OcdebJthRg
tracestate: 423787@nr=0-1-423787-363751183-3a7be397946a7f23----1673042040269
traceparent: 00-b714e9a53189d66336c794cef5812d00-3a7be397946a7f23-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzYTdiZTM5Nzk0NmE3ZjIzIiwidHIiOiJiNzE0ZTlhNTMxODlkNjYzMzZjNzk0Y2VmNTgxMmQwMCIsInRpIjoxNjczMDQyMDQwMjY5fX0=
Accept: application/json, text/plain, */*
csrf-token: Lx8b6iHr-8LcQ1y7BSIMoT21p3OcdebJthRg
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7857b08fbac29b5d-FRA
content-length: 33

GET
H2 200 braintree Show response
pay.classy.org/token/ 3 KB
3 KB 288ms
253ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/braintree?applicationId=3234&currency=USD

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22d0a59a7d5962fc2365ce5b9bad4ff296a38e07ec6384068ba19dac6ada2e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 694901a9-1e34-4401-b4cd-a8e517ee7d3f
cf-ray: 7857b0901d499225-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
583 B 164ms
130ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=3234&currency=USD

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 55cefd4e-342f-47bd-a840-ccf0429541f1
cf-ray: 7857b0901d4b9225-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 designations Show response
givenow.lls.org/frs-api/campaign/342076/ 1 KB
599 B 455ms
455ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/campaign/342076/designations?per_page=100

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4c44e38eae7e0c63c236781343dce1044c304c5866514482bb394c6086e48cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: Lx8b6iHr-8LcQ1y7BSIMoT21p3OcdebJthRg
tracestate: 423787@nr=0-1-423787-363751183-db41f2013eb5fb27----1673042040361
traceparent: 00-7c9111e1a21a42ac37401b5c51932eb0-db41f2013eb5fb27-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJkYjQxZjIwMTNlYjVmYjI3IiwidHIiOiI3YzkxMTFlMWEyMWE0MmFjMzc0MDFiNWM1MTkzMmViMCIsInRpIjoxNjczMDQyMDQwMzYxfX0=
Accept: application/json, text/plain, */*
csrf-token: Lx8b6iHr-8LcQ1y7BSIMoT21p3OcdebJthRg
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"42c-U9/MOkbQU5gMR1dPYUUHWJVkndU"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7857b0904bf19b5d-FRA

GET
H2 200 designations Show response
givenow.lls.org/frs-api/campaigns/342076/ 1 KB
609 B 212ms
210ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/campaigns/342076/designations?filter=id%3D39235

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85d2f30d7a7b952bf1d098ed3089ce0042df10082532f951d48a2fa9b3cd37b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: Lx8b6iHr-8LcQ1y7BSIMoT21p3OcdebJthRg
tracestate: 423787@nr=0-1-423787-363751183-a12fdded40471449----1673042040363
traceparent: 00-f47aeb00c9f17eb890b5ebc904e445e0-a12fdded40471449-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhMTJmZGRlZDQwNDcxNDQ5IiwidHIiOiJmNDdhZWIwMGM5ZjE3ZWI4OTBiNWViYzkwNGU0NDVlMCIsInRpIjoxNjczMDQyMDQwMzYzfX0=
Accept: application/json, text/plain, */*
csrf-token: Lx8b6iHr-8LcQ1y7BSIMoT21p3OcdebJthRg
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"425-036EpQKrFg6xx/79merneuhS1UA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7857b0905c059b5d-FRA

GET
H2 200 currency-conversions Show response
givenow.lls.org/frs-api/i18n/ 75 B
200 B 431ms
430ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c312cb17df9249635f33849664e83a2454ad4335f3c9287b7c190730dc22d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: Lx8b6iHr-8LcQ1y7BSIMoT21p3OcdebJthRg
tracestate: 423787@nr=0-1-423787-363751183-0e46125c6356ec51----1673042040511
traceparent: 00-13d736b843230b7edcfcf980ad5fc4d0-0e46125c6356ec51-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIwZTQ2MTI1YzYzNTZlYzUxIiwidHIiOiIxM2Q3MzZiODQzMjMwYjdlZGNmY2Y5ODBhZDVmYzRkMCIsInRpIjoxNjczMDQyMDQwNTExfX0=
Accept: application/json, text/plain, */*
csrf-token: Lx8b6iHr-8LcQ1y7BSIMoT21p3OcdebJthRg
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"4b-6V5IAkIBNBD6VNM9SmtFJrQin54"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7857b0913d5c9b5d-FRA

GET
H2 200 braintree Show response
pay.classy.org/token/ 3 KB
3 KB 285ms
284ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/braintree?applicationId=3234&currency=EUR

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

588f29478ac2beabff06be8bd82ff8baa4668434da9154ca072df1e2e7b91d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: f39be9c8-8dd7-4472-b80b-e6434fd16461
cf-ray: 7857b0913ea19225-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 user-icon.png
givenow.lls.org/static/global/images/ 2 KB
2 KB 48ms
46ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givenow.lls.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 97477
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
content-length: 2024
last-modified: Thu, 15 Dec 2022 19:01:06 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "639b6ef2-11ec"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7857b0914d729b5d-FRA
expires: Fri, 05 Jan 2024 18:49:23 GMT

GET
H2 200 1f305074-be54-11eb-a799-0a610299dcaf.jpg
assets.classy.org/4195518/ 9 KB
9 KB 54ms
51ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/4195518/1f305074-be54-11eb-a799-0a610299dcaf.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67f8dd03c2192a5aba71380609f29b1fa5f923eea061b24760839a1fb888e54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: W6Nyba5P38GUPZGZafiQ4JSnYY_WGNW_
age: 3113974
x-amz-cf-pop: FRA60-P3
cf-polished: qual=85, origFmt=jpeg, origSize=57544
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="1f305074-be54-11eb-a799-0a610299dcaf.webp"
content-length: 9186
last-modified: Wed, 26 May 2021 18:56:49 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "a7de55223120c69c682ce03b55830442"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 7857b0914fd75c7a-FRA
x-amz-cf-id: i8R03q4URLWqWcgZsduxiMMeNhCK6DgDF-vT1HWzFJAG1ZoSIG5gvg==

GET
H2

200

/
givenow.lls.org/give/342076/
Redirect Chain

https://givenow.lls.org/
https://givenow.lls.org/give/342076/

32 KB
32 KB

970ms
969ms

Image
text/html

2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givenow.lls.org/give/342076/

Protocol

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-security-policy: frame-ancestors 'self';
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7857b094cc5f9b5d-FRA
x-xss-protection: 1; mode=block

Redirect headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: https://givenow.lls.org/give/342076/#!/donation/checkout
cache-control: max-age=300
cf-ray: 7857b0914d769b5d-FRA
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK footer-logo-charity-navigator.png
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 7 KB
7 KB 387ms
118ms Image
image/png 52.216.42.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/footer-logo-charity-navigator.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.113 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 439aa6b5ecb2230ff8c9dd2d23a72ac144241362ad13d6371ecab2b3148da2fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 06 Jan 2023 21:54:01 GMT
x-amz-version-id: omnJoSDO52TWSAvgBdn2GfvX3cg9OXL4
Last-Modified: Tue, 09 Nov 2021 18:16:56 GMT
Server: AmazonS3
x-amz-request-id: FRTQES5Q08Y2DZXP
ETag: "c2fb98aa5eb275ea5257858c8c77afd1"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 7020
x-amz-id-2: CAEej1T69cEHoynQNkDoeWtaVmvTp1Q/+V6b4SXqZ1RvbAAaErf8YzOVnqvloKdCarHj/HPsDt0=

GET
H2 200 6939026
widgets.guidestar.org/TransparencySeal/ 11 KB
4 KB 452ms
396ms Image
image/svg+xml 172.67.23.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.guidestar.org/TransparencySeal/6939026
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 60545e054ec3ed32276ff337a4775973165502a5d7420dcbe0c7c3c1e3136d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 7857b0919fb29b8f-FRA
expires: -1

GET
H/1.1 200
OK footer-logo-great-nonprofits-2021.png
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 12 KB
13 KB 391ms
123ms Image
image/png 52.216.42.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/footer-logo-great-nonprofits-2021.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.113 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3f2c92b210b89615b0bbee08b02f7fb4e28e1afb1fd6ca77ca7a89579ad9883c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 06 Jan 2023 21:54:01 GMT
x-amz-version-id: P9kDPkP82g6Jb0vD6y.syn4E0q9j7gv8
Last-Modified: Tue, 09 Nov 2021 18:16:57 GMT
Server: AmazonS3
x-amz-request-id: FRTN8J0AMT7KBMT8
ETag: "50be17cef1293e9e3c3d4d6f92242ad3"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 12565
x-amz-id-2: xPgzL3aY+s3UPIHEN/SgN/VTj78bcxR/T7NEEL7PfkzntmVvnSX0fmPkm0DIw6pZ5tHSaM4bbII=

GET
H/1.1 200
OK footer-logo-charity-watch.png
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 5 KB
6 KB 415ms
144ms Image
image/png 52.216.42.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/footer-logo-charity-watch.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.113 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cab31fc0a6902621b57ffe6afec60a97aa570de05fafda357daaeece9c29485d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 06 Jan 2023 21:54:01 GMT
x-amz-version-id: 5dakYRN9oPGlaOVE0La3nx.ulcRZTuQJ
Last-Modified: Tue, 09 Nov 2021 18:16:58 GMT
Server: AmazonS3
x-amz-request-id: FRTZFFD1575NET99
ETag: "728de1350ee9e91045ae257f6ae1c18e"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 5191
x-amz-id-2: J0PUPOgnUOocRuea6DQKvwWJmNT5ulVkWdtQPMEo+KrfuTPkpsWUqwhoMBiWVnHy/TBDXizrD10=

GET
H2 200 logo-paypal.svg
givenow.lls.org/static/global/images/payments/ 4 KB
3 KB 50ms
48ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givenow.lls.org/static/global/images/payments/logo-paypal.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

655fc56e3d81e573cdddfd666426b797ac6031526d792ab9f4622894f7fa9031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 19:01:06 GMT
server: cloudflare
age: 26932
etag: W/"639b6ef2-1042"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7857b0914d789b5d-FRA
expires: Sat, 06 Jan 2024 14:25:08 GMT

GET
H2 200 crypto-giving-coin-bitcoin.svg
prod-frs.content.classy.org/prod/17609/static/global/images/crypto-giving/ 1 KB
1 KB 34ms
32ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17609/static/global/images/crypto-giving/crypto-giving-coin-bitcoin.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: NCNQXGSVT1NNGT0J
age: 4200
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=kPxw5DKdNL.AecQSdGJ5oSFWxeey1HvJWec8Hpfjo_w-1673042040-0-AU1B8_kSvHbHEj0S_hFQ3HgRVP3w8r7xKv4-C4tZlii08wnbZQcMRFCYBUui7CAw4P5SgOOuwKQ7BPoEwHYDQH9TU43ju2mIiINqTzc3EtmP; report-to cf-csp-endpoint
x-amz-id-2: qLR4naa/YJxc5XZsTsC6UuzyayIKWQACV4mN3xcvN0OPIdRxx7VbYYwyrwXcXrR821c6UMo3QF0=
last-modified: Thu, 15 Dec 2022 19:04:33 GMT
server: cloudflare
etag: W/"2861fb7a07b041686ba6360cf7908e28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=kPxw5DKdNL.AecQSdGJ5oSFWxeey1HvJWec8Hpfjo_w-1673042040-0-AU1B8_kSvHbHEj0S_hFQ3HgRVP3w8r7xKv4-C4tZlii08wnbZQcMRFCYBUui7CAw4P5SgOOuwKQ7BPoEwHYDQH9TU43ju2mIiINqTzc3EtmP"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7857b0914fcd5c7a-FRA

GET
H2 200 crypto-giving-coin-ethereum.svg
prod-frs.content.classy.org/prod/17609/static/global/images/crypto-giving/ 545 B
406 B 37ms
35ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17609/static/global/images/crypto-giving/crypto-giving-coin-ethereum.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 19:04:33 GMT
server: cloudflare
x-amz-request-id: NCNYQH4M6PKBXF01
age: 4200
etag: W/"c8896ba26efa2a5d9aa1659b4aef1f00"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7857b0914fcf5c7a-FRA
x-amz-id-2: QfEXheX46tipXCtEN6Q2fgRnF0AQc4VGKNrn7Hicx93eOkkv62AMIs+mSSuDfJE4wkvi3T8KrGc=

GET
H2 200 crypto-giving-coin-usdc.svg
prod-frs.content.classy.org/prod/17609/static/global/images/crypto-giving/ 2 KB
1 KB 32ms
30ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17609/static/global/images/crypto-giving/crypto-giving-coin-usdc.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 19:04:33 GMT
server: cloudflare
x-amz-request-id: NCNNWTG20X6AM5C1
age: 3788
etag: W/"120e9a5c0d8ae8e313213cbb2284cafe"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7857b0914fd15c7a-FRA
x-amz-id-2: TZ+0PEncT5kM+P39ncCnCgbXikH0oVp2V31cdFUW0n0znuRFGGfN4JvBEOXs/jwme2FEGT+yGUg=

GET
H2 200 crypto-giving-arrows.svg
prod-frs.content.classy.org/prod/17609/static/global/images/crypto-giving/ 453 B
444 B 36ms
34ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17609/static/global/images/crypto-giving/crypto-giving-arrows.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 19:04:33 GMT
server: cloudflare
x-amz-request-id: NCNKVZ0917HPPHGX
age: 3788
etag: W/"332ba480e7dc5a9687ededc7c4333e80"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7857b0914fd25c7a-FRA
x-amz-id-2: pxuaw8LDpO9KaDuFkVU/iNVmXU7EX4XbAnUXNGlgqaqKh8ZlUjA4nYDdXsYwU2ykDiTrSErjchU=

GET
H2 200 3c8bdeb6-c31a-11eb-b186-0a58a9feac02.jpg
assets.classy.org/13648750/ 13 KB
13 KB 54ms
52ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/13648750/3c8bdeb6-c31a-11eb-b186-0a58a9feac02.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a79c31734f20d5eacae6b26c81f5872b8399c074e14ba0354d5345267feb9a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: wSo0zz6gPutE85gshGqVqQ7bSquj5NNx
age: 334
x-amz-cf-pop: FRA60-P3
cf-polished: qual=85, origFmt=jpeg, origSize=84713
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="3c8bdeb6-c31a-11eb-b186-0a58a9feac02.webp"
content-length: 13364
last-modified: Tue, 01 Jun 2021 20:45:02 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "c340dc2d7c1f922def64fe81bc3d0837"
vary: Accept, Accept-Encoding
content-type: image/webp
accept-ranges: bytes
cf-ray: 7857b0914fd35c7a-FRA
x-amz-cf-id: P5DwvZ-9x3lqHu-V6QmZxx1EHLWPuJsyT7zaoTeHFswv5b1T1Me_nA==

GET
H2 200 4d094b2a-c31a-11eb-ae80-0ae0bdc5dec7.jpg
assets.classy.org/13648750/ 13 KB
14 KB 44ms
43ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/13648750/4d094b2a-c31a-11eb-ae80-0ae0bdc5dec7.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d4609a39b06d7bac192ff546a8302280ad2a94d92cfa5c3e740d1eabb83305f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 8iO_YRAy3gNtS4L0jHZil7Zl4XG9Si35
age: 334
x-amz-cf-pop: FRA60-P3
cf-polished: qual=85, origFmt=jpeg, origSize=86180
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="4d094b2a-c31a-11eb-ae80-0ae0bdc5dec7.webp"
content-length: 13724
last-modified: Tue, 01 Jun 2021 20:45:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "0b6c1b69c1ac841c85b4f728c23423be"
vary: Accept, Accept-Encoding
content-type: image/webp
accept-ranges: bytes
cf-ray: 7857b0914fd55c7a-FRA
x-amz-cf-id: IfmOJiPKE7tAIyBQqYJvx9RAHDynWrvv8xozW9bH1Q7wV0o_abRSnw==

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/17609/static/global/images/ 394 B
676 B 19ms
19ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17609/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/17609/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/17609/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: QWKP1X7KE9T1AR44
age: 2899
cf-polished: origFmt=png, origSize=547
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: NP6H0zE/w+lPfWgLUEihHDCaa+zVTDye1W2JAUmH4s27GfBDvMCnNjFVGAcf9dXXzJJQlFM4LUo=
cf-bgj: imgq:85,h2pri
last-modified: Thu, 15 Dec 2022 19:04:33 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
vary: Accept
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7857b0914fdd5c7a-FRA

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/17609/static/fonts/ 65 KB
66 KB 51ms
34ms Font
binary/octet-stream 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17609/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/17609/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/17609/static/frs/main.css
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: 9T0PW8Y1DE52KE9J
age: 31076
content-length: 66624
x-amz-id-2: va0602cOeWK+AnwVcCKK5RYhhQphHD4mN/DPnTgHJrdHl/i02jFD4ggp3i7lvCguLhjGubmKA7Dgr3eu8CDhew==
last-modified: Thu, 15 Dec 2022 19:04:33 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7857b0916ad39c0d-FRA

POST
H2 204 rum Show response
givenow.lls.org/cdn-cgi/ 0
142 B 12ms
12ms XHR
text/plain 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/cdn-cgi/rum?

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-8da4ef2109476920----1673042040580
traceparent: 00-c89ad067233ab9dab3c3b25b94be3fb0-8da4ef2109476920-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4ZGE0ZWYyMTA5NDc2OTIwIiwidHIiOiJjODlhZDA2NzIzM2FiOWRhYjNjM2IyNWI5NGJlM2ZiMCIsInRpIjoxNjczMDQyMDQwNTgwfX0=
content-type: application/json
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://givenow.lls.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7857b091ae2e9b5d-FRA

GET
H2 200 add_user_properties_v3
heapanalytics.com/api/ 37 B
258 B 106ms
105ms Image
image/gif 3.232.171.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/add_user_properties_v3?a=1566116007&u=3288217024203670&v=5574879191511763&s=2961511614876450&b=web&tv=4.0&_CLSY-56%20%5BLLS%5D%5BAll%20Devices%5D%20Progress%20Bar=v0%3A%20Control&st=1673042040620

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.171.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 csp-report
q.stripe.com/ Frame 68B3 0
570 B 581ms
182ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 68B3 0
571 B 579ms
181ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 68B3 631 B
1 KB 23ms
22ms Script
text/javascript 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 06 Jan 2023 21:50:15 GMT
x-content-type-options: nosniff
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 913
x-cache: Hit from cloudfront
content-length: 631
last-modified: Thu, 05 Jan 2023 22:04:13 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: EM_FkktPVFJOBVqW_LSMuhmdjwk4YfRJE0hYoFSrtBreQkeOkFW2yw==

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 146ms
51ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

923b98f388a1ed517388a42b1e51c727eb88f8aabd41146f10bbfdd150925d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Jan 2023 21:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 Jan 2023 21:54:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Jan 2023 21:54:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 109ms
48ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1067407586&t=event&_s=1&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=KGDACEABBAAAACAAI~&jid=74257980&gjid=1690934420&cid=459161034.1673042040&tid=UA-3837893-1&_gid=1435213236.1673042040&_r=1&_slc=1&z=1618957802

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 99ms
47ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1067407586&t=event&_s=1&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=KGDACEABBAAAACAAI~&jid=975587997&gjid=1124044200&cid=459161034.1673042040&tid=UA-225158-16&_gid=1435213236.1673042040&_r=1&_slc=1&z=1858437299

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stripe Show response
pay.classy.org/token/ 99 B
377 B 139ms
139ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripe?applicationId=3234&currency=EUR

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357e07efbbd95f94fc82e7cccdb7ae8abcb3f8902a1b57e33437d90005928ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 4d23b5d8-9a4e-401e-a534-a357b572e2ad
cf-ray: 7857b0922fa59225-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
35ms Image
image/gif 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1067407586&t=timing&_s=2&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20latency&utv=fresh&utl=1673042039945&utt=47&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=459161034.1673042040&tid=UA-3837893-1&_gid=1435213236.1673042040&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=2146422377

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 15:43:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22226
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
34ms Image
image/gif 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1067407586&t=timing&_s=3&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20first%20byte&utv=fresh&utl=1673042039945&utt=1048&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=459161034.1673042040&tid=UA-3837893-1&_gid=1435213236.1673042040&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=279178629

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 15:43:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22226
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
34ms Image
image/gif 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1067407586&t=timing&_s=4&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20last%20byte&utv=fresh&utl=1673042039945&utt=1331&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=459161034.1673042040&tid=UA-3837893-1&_gid=1435213236.1673042040&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=1140564264

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 15:43:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22226
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 48ms
35ms Image
image/gif 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1067407586&t=timing&_s=5&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20document%20ready&utv=fresh&utl=1673042039945&utt=1556&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=459161034.1673042040&tid=UA-3837893-1&_gid=1435213236.1673042040&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=2131164906

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 15:43:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22226
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 48ms
34ms Image
image/gif 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1067407586&t=timing&_s=6&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20view%20rendered&utv=fresh&utl=1673042039945&utt=2963&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=459161034.1673042040&tid=UA-3837893-1&_gid=1435213236.1673042040&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=597440184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 15:43:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22226
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 998 B
1016 B 49ms
23ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=initRecaptcha&render=explicit

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

18dbaf08d3168f882f52892b590b715df36f239218946d90af8610917fcbc575

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 603
x-xss-protection: 1; mode=block
expires: Fri, 06 Jan 2023 21:54:00 GMT

GET
H2 200 stripe Show response
pay.classy.org/token/ 99 B
373 B 396ms
395ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripe?applicationId=3234&currency=USD

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357e07efbbd95f94fc82e7cccdb7ae8abcb3f8902a1b57e33437d90005928ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: f9d6598f-a8ca-4e1f-bf4e-82ff1ab14719
cf-ray: 7857b092c86c9225-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 braintree Show response
pay.classy.org/token/ 3 KB
3 KB 222ms
222ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/braintree?applicationId=3234&currency=EUR

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ad7bcdc5edd338e9f52b53f38e7fe4b9dcffb2f0ffd4fa82dbdf3d3e07282ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 982aa41e-43c0-462f-b664-e090f507463c
cf-ray: 7857b09328cc9225-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 donation-sidebar-image.jpg
www.lls.org/sites/default/files/National/USA/Image/Donation_Page_Sidebar/ 87 KB
87 KB 441ms
196ms Image
image/jpeg 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lls.org/sites/default/files/National/USA/Image/Donation_Page_Sidebar/donation-sidebar-image.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

6671adb2ec19e4e9f6469f48b31c0bb64d7bfd90bae527cfa9dbe16e21f634dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Thu, 19 Jan 2023 18:54:13 GMT
date: Fri, 06 Jan 2023 21:54:01 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Sun, 01 Jan 2023 17:52:50 GMT
server: nginx
age: 97187
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 88828
x-request-id: v-58c4ce04-8d2a-11ed-9a31-df2353ac1c49
x-cache-hits: 5323

GET
H/1.1 200
OK Leukemia_Lymphoma_Society_Logo.jpeg
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 148 KB
148 KB 112ms
111ms Image
image/jpeg 52.216.42.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/Leukemia_Lymphoma_Society_Logo.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.113 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1cf4c3f7783acd7b95935ce797c3a7f8d9c134c81274d67dfd418e017ee90a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 06 Jan 2023 21:54:02 GMT
x-amz-version-id: vgBsg7J0tLX1oMtqWQHfXALALkH7LHur
Last-Modified: Thu, 06 May 2021 19:13:59 GMT
Server: AmazonS3
x-amz-request-id: VW3B01J288EYRCW3
ETag: "7399e1ad909ddecce04213c4985ac8b9"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 151568
x-amz-id-2: oJLT/ytEI6Nzrrt7NOOEObxXmgTF6W3lrD+ptUvSA7SRahfm9Ms2zSHWWsd34CqkJxTguZ8SJkA=

GET
H/1.1 200
OK DigiCert_logo.svg.png
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 40 KB
40 KB 111ms
110ms Image
image/png 52.216.42.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/DigiCert_logo.svg.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.113 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a631a08caf61b3391f7436707f8f2808aef4caf1faf5af8785c653c56366ae96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 06 Jan 2023 21:54:02 GMT
x-amz-version-id: 8yNFup.jCiiYf7q88ZxVZ0rbHTZHdMOF
Last-Modified: Fri, 28 May 2021 15:49:53 GMT
Server: AmazonS3
x-amz-request-id: VW326DN63DNXSNXA
ETag: "600b5d901481a9ef521df589dfdb8d39"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 40500
x-amz-id-2: uGl2sUcSW9eb2avNhpX2FEI6OaDQN4veCGMroffTvDyt79xO8LtLQaQQlxl6ho1s+2jRjYvwkXE=

GET
H2 200 lock.jpg
donate.lls.org/content360/lls/default/images/ 1 KB
2 KB 388ms
104ms Image
image/jpeg 3.93.235.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.lls.org/content360/lls/default/images/lock.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.235.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-235-94.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e6f8560c2bcfd37f2cb0aecc566f6e17a8d05f9035fa3c109435cb0b3ba4577d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 06 Jan 2023 22:14:01 GMT
date: Fri, 06 Jan 2023 21:54:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 12:44:56 GMT
server: Apache
etag: "4f4-5e8019048e708"
content-type: image/jpeg
cache-control: max-age=1200
accept-ranges: bytes
content-length: 1268
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H/1.1 200
OK credit-card.png
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 4 KB
5 KB 114ms
114ms Image
image/png 52.216.42.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/credit-card.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.113 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 653b1e7dda2ae31cadec0faef23859b36811acc21913d7eaf3f9a9da592bfb3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 06 Jan 2023 21:54:02 GMT
x-amz-version-id: .pgyDGLd4uE3leTaVI6.JLkMsUQEfeW5
Last-Modified: Wed, 05 May 2021 19:54:18 GMT
Server: AmazonS3
x-amz-request-id: VW3CM109NDQ3ZBKE
ETag: "23302ee1bf5938d693c8395b2fec9c30"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 4447
x-amz-id-2: dkhZuTJmiioAZTRQ2WkS3R9EC6Ej5EfKT6edzu8J7Mg2LM+IKWv8oJIag1Jjo7zUOtOLAYGH7cg=

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
360 B 497ms
99ms XHR
text/plain 54.225.48.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.48.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-48-231.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 06 Jan 2023 21:54:01 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://givenow.lls.org
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 5175d7b7-d4ee-43fe-b015-7b4bec13bd64

GET
H2 200 configuration Show response
api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/ 3 KB
2 KB 543ms
416ms Script
application/javascript 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2NzMxMjg0NDAsImp0aSI6ImIxZDg3N2Y2LTJhODYtNGE5NC1iYzU2LTMzNTA5ODc5ZDMzMCIsInN1YiI6ImNneHZ6MjR4ZGp4OTUyajciLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6ImNneHZ6MjR4ZGp4OTUyajciLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.GD6R_YRHi2kJimLxqciysGJKjkMCYmZ02n-pVhpA-6zuxUjkNl0JvRAY1HsXK2nOrSaPcH8gMVEjy0eoDfsGyg&callback=callback_jsonba5e12335fca4fe788c7c34e0469b0bc

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

Resource Hash

b8de6b3c83eef103e821677061d0256c84a6626e4f5314b36d897ebd5b9dd3b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains
paypal-debug-id: e18861e92aab4
x-xss-protection: 1; mode=block
x-request-id: 2637a887-bb80-47a2-9d35-98f2703b7f38
x-runtime: 0.282024
referrer-policy: strict-origin-when-cross-origin
etag: W/"f76ed7740f2f93327a5feb01152daef2"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
x-braintree-merchant-shard: 1
cache-control: max-age=0, private, must-revalidate
x-broxyid: 2637a887-bb80-47a2-9d35-98f2703b7f38

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
258 B 123ms
122ms Image
image/gif 3.232.171.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=1566116007&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=8&st=1673042040985&hv=4.19.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.171.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 104ms
103ms Image
image/gif 3.232.171.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3288217024203670&v=5574879191511763&s=2961511614876450&b=web&tv=4.0&sp=z&sp=0&sp=us&sp=sfmc&sp=um&sp=email&sp=ua&sp=ThankYou_20230106_National&sp=ts&sp=1673042039822&sp=d&sp=givenow.lls.org&sp=h&sp=%2Fgive%2F342076%2F&sp=t&sp=The%20Leukemia%20%26%20Lymphoma%20Society&sp=q&sp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=givenow.lls.org&pp=q&pp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&pp=h&pp=%2Fgive%2F342076%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=The%20Leukemia%20%26%20Lymphoma%20Society&pp=ts&pp=1673042039822&id0=3825636138719523&t0=click&n0=button&c0=payment-method-select-btn__cc&y0=%40section%3B.block-component%3B.ng-scope%3B%5Bdata-ng-repeat%3Dcomponent%20in%20list.components%20%20filter%3A%7Bsection%3A%27main%27%7D%20%20orderBy%3A%27order%27%5D%3B%7C%40div%3B.ng-scope%3B%5Bdata-ng-include%3Dcomponent.templateUrl%5D%3B%7C%40div%3B%23df_checkout_donation-payment%3B.donation-payment%3B.ng-scope%3B%5Baria-label%3DPayment%20Details%5D%3B%5Bdata-ng-controller%3DfrsDonationPaymentCtrl%5D%3B%7C%40div%3B%7C%40cp-payment-widget%3B.ng-isolate-scope%3B%5Bapi%3DAPI%5D%3B%5Bcurrency%3DMODEL.payment.raw_currency_code%5D%3B%5Bfee-processing%3DglobalState.feeProcessing%5D%3B%5Bhide-postal%3Dtrue%5D%3B%5Bmeta%3DMETA%5D%3B%5Bparent-model%3DMODEL%5D%3B%5Bpayment%3DMODEL.payment%5D%3B%5Bsubmit-digital-wallets%3DsubmitDigitalWallets%5D%3B%7C%40div%3B.donation-payment-method-select%3B.row%3B%5Bng-hide%3D%24ctrl.hideButtons%5D%3B%7C%40div%3B.column-md-5%3B%7C%40button%3B.payment-method-select-btn__cc%3B%5Baria-controls%3Ddonation-page_checkout_payment-form%20donation-page_checkout_payment-details%5D%3B%5Baria-expanded%3Dtrue%5D%3B%5Bdata-tracked-element%3Ddonation-page_checkout_credit-card-btn%5D%3B%5Bng-click%3D%24ctrl.showCardInputs()%5D%3B%5Btype%3Dbutton%5D%3B%7C&ts0=1673042040834&x0=CREDIT%20CARD&id1=5417620216207948&t1=click&n1=div&c1=donation-amount-recurring__btn%20once%20hover-state_one-time%20selected&y1=%40div%3B.donation-amount-recurring%3B%7C%40div%3B.donation-amount-recurring__switch%3B.ng-scope%3B.rf%3B%5Baria-label%3DSelect%20a%20donation%20frequency%5D%3B%5Bdata-ng-if%3D!%24ctrl.preventOldrfForDeque%20%26%26%20!%24ctrl.onlyReccurringFrequency(%24ctrl.frequencyLevels)%20%26%26%20%24ctrl.recurringLevels(%24ctrl.frequencyLevels).length%20%3E%200%5D%3B%5Bdata-ng-init%3D%24ctrl.showFreqDropdown()%5D%3B%5Brole%3Dradiogroup%5D%3B%7C%40div%3B.donation-amount-recurring__btn%3B.hover-state_one-time%3B.once%3B.selected%3B%5B_spec%3Done-time%5D%3B%5Bdata-ng-class%3D%7B%27selected%27%3A%20%24ctrl.frequency%20%3D%3D%3D%20%27one-time%27%7D%5D%3B%5Bdata-ng-click%3D%24ctrl.selectFrequency(%27one-time%27)%20%24ctrl.showFreqDropdown(%27one-time%27)%20%24ctrl.isRecurringFrequency(%24event)%5D%3B%5Bdata-ng-keypress%3D%24ctrl.selectFrequency(%27one-time%27%2C%24event)%20%24ctrl.isRecurringFrequency(%24event)%5D%3B%5Bdata-ng-mouseout%3D%24ctrl.hoverFrequencyStyle(%27one-time%27%2Cfalse)%5D%3B%5Bdata-ng-mouseover%3D%24ctrl.hoverFrequencyStyle(%27one-time%27%2Ctrue)%5D%3B%5Bdata-ng-style%3D%24ctrl.oneTimeBtnStyle(%27one-time%27)%5D%3B%5Btabindex%3D0%5D%3B%7C&ts1=1673042040929&x1=One%20time&id2=6335142810616507&t2=click&n2=button&c2=active-button&i2=recur-no&y2=%40section%3B.block-component%3B.ng-scope%3B%5Bdata-ng-repeat%3Dcomponent%20in%20list.components%20%20filter%3A%7Bsection%3A%27main%27%7D%20%20orderBy%3A%27order%27%5D%3B%7C%40div%3B.ng-scope%3B%5Bdata-ng-include%3Dcomponent.templateUrl%5D%3B%7C%40section%3B.donation-amount%3B.ng-scope%3B%5Bdata-ng-controller%3DfrsDonationAmountCtrl%5D%3B%7C%40donation-amount-recurring-rf%3B.ng-isolate-scope%3B.ng-scope%3B%5Bamount%3DMODEL.items0.raw_final_price%5D%3B%5Bcurrency%3DMODEL.payment.raw_currency_code%5D%3B%5Bdonation-context%3DCONTEXT%5D%3B%5Bfrequency-levels%3DDonationBlock.current%27recurring-level%27%5D%3B%5Bfrequency%3DMODEL.frequency%5D%3B%5Blevels%3Dstate.levels%5D%3B%5Bnew-amount%3DMODEL.items0.raw_final_price%5D%3B%5Bng-if%3D!preventRecurringFrequency%5D%3B%5Bpreview%3DglobalState.isPreview%5D%3B%5Bprevious-frequency-price%3DMODEL.items0.previous_frequency_price%5D%3B%5Brecur_until%3DMODEL.recur_until%5D%3B%5Brecurring-donation-levels%3Dstate.recurringDonationLevels%5D%3B%5Bsetting-page-frequency%3DMODEL.frequency%5D%3B%7C%40div%3B%23custom-recurring%3B%7C%40div%3B.recurring-buttons%3B%7C%40button%3B%23recur-no%3B.active-button%3B%5Btype%3Dbutton%5D%3B%5Bvalue%3DButton%5D%3B%7C&ts2=1673042040945&x2=No&st=1673042040988

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.171.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 logo-paypal.svg
givenow.lls.org/static/global/images/payments/ 4 KB
3 KB 64ms
63ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givenow.lls.org/static/global/images/payments/logo-paypal.svg

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/17609/static/global/libs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

655fc56e3d81e573cdddfd666426b797ac6031526d792ab9f4622894f7fa9031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 19:01:06 GMT
server: cloudflare
age: 26933
etag: W/"639b6ef2-1042"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7857b0944b1a9b5d-FRA
expires: Sat, 06 Jan 2024 14:25:08 GMT

GET
H2 200 plugin_settings Show response
doublethedonation.com/api/v1/ 457 B
467 B 280ms
94ms XHR
application/json 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://doublethedonation.com/api/v1/plugin_settings?customer_id=OYfFVDFEbzMkus7L

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

2f3e0ac70a642adcc91c553684344d2e1bf9aa50d00725d6f11c690eb8ed92c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx
x-frame-options: sameorigin
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

GET
H2 200 configuration Show response
api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/ 3 KB
2 KB 451ms
366ms Script
application/javascript 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2NzMxMjg0NDAsImp0aSI6ImZmMDc4YWM3LTczMDQtNDA3OS04ZjFjLTIzNjE1ODMyNmUzYSIsInN1YiI6ImNneHZ6MjR4ZGp4OTUyajciLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6ImNneHZ6MjR4ZGp4OTUyajciLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.0dL44AeszoeNBSJ_tLMZDbFnxM_ZF1P9GqUYi1woozHNC_GWsLhtYEExtf2KHRBxn5BhLeyq0ANfKsEcq4awJA&callback=callback_json246ec66d920b47eea1bdc94b9cb2bb8e

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

485167ccbacf5b9e9d43ad1a60c20b163606afa5579eba4460da3c666e2ee31d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains
paypal-debug-id: b61af7a1c77a4
x-xss-protection: 1; mode=block
x-request-id: 96ad72dc-12bf-4123-8822-c0d84d534777
x-runtime: 0.184326
referrer-policy: strict-origin-when-cross-origin
etag: W/"7529c3779fc6cdecc575580dc25ee0a7"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
x-braintree-merchant-shard: 1
cache-control: max-age=0, private, must-revalidate
x-broxyid: 96ad72dc-12bf-4123-8822-c0d84d534777

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 50ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 12:50:21 GMT
x-content-type-options: nosniff
age: 119020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 12:50:21 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 55ms
21ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 12:50:21 GMT
x-content-type-options: nosniff
age: 119020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 12:50:21 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 60ms
26ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 12:50:21 GMT
x-content-type-options: nosniff
age: 119020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 12:50:21 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ 28 KB
29 KB 59ms
37ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:43:50 GMT
x-content-type-options: nosniff
age: 220211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 08:43:50 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 50ms
29ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 12:50:21 GMT
x-content-type-options: nosniff
age: 119020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 12:50:21 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 43ms
34ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 12:50:21 GMT
x-content-type-options: nosniff
age: 119020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 12:50:21 GMT

GET
H/1.1

200

five9-social-widget.css
app.five9.com/five9_clients/consoles_latest/SocialWidget/
Redirect Chain

https://app.five9.com/consoles/SocialWidget/five9-social-widget.css?_=1673042041078
https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1673042041078

5 KB
5 KB

112ms
111ms

Stylesheet
text/css

198.105.202.32
FIVE9

General

Check archive.org

Show headers Download Go to

Full URL

https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1673042041078

Protocol

HTTP/1.1

Server

198.105.202.32 , United States, ASN36776 (FIVE9, US),

Reverse DNS

Software

Resource Hash

86815552a6ac093a94dde24b65658c956fd3d91415541dc467368fbc8ebd7e8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 06 Jan 2023 21:54:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Oct 2022 06:45:59 GMT
ETag: W/"4699-1666161959000"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4699
X-XSS-Protection: 1

Redirect headers

Location: /five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1673042041078
Date: Fri, 06 Jan 2023 21:54:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Length: 0
X-XSS-Protection: 1
Content-Type: text/html

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 102ms
100ms Image
image/gif 3.232.171.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3288217024203670&v=5574879191511763&s=2961511614876450&b=web&tv=4.0&sp=z&sp=0&sp=us&sp=sfmc&sp=um&sp=email&sp=ua&sp=ThankYou_20230106_National&sp=ts&sp=1673042039822&sp=d&sp=givenow.lls.org&sp=h&sp=%2Fgive%2F342076%2F&sp=t&sp=The%20Leukemia%20%26%20Lymphoma%20Society&sp=q&sp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=givenow.lls.org&pp=q&pp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&pp=h&pp=%2Fgive%2F342076%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=The%20Leukemia%20%26%20Lymphoma%20Society&pp=ts&pp=1673042039822&id0=6062442916233929&t0=click&n0=button&c0=form__radio-control%20checked&y0=%40div%3B.mp-sensitive%3B.ng-scope%3B%5Bdata-heap-ignore%3Dtrue%5D%3B%5Bdata-ng-if%3Dshow.customQuestions()%5D%3B%5Bdata-ng-include%3D%3A%3Atemplate(%27custom-questions%27)%5D%3B%7C%40div%3B.billing-mailing-same%3B.donation-table%3B.ng-scope%3B%5Bdata-ng-repeat%3Dquestion%20in%20list.customQuestions%5D%3B%7C%40div%3B.ng-scope%3B%5Bdata-ng-include%3D%3A%3Atemplate(%27questions%2F%27%20%2B%20question.type)%5D%3B%7C%40div%3B.donation-table_row%3B.ng-scope%3B%7C%40div%3B.donation-table_columns%3B%7C%40div%3B.donation-table_column%3B%7C%40radio-control%3B.ng-dirty%3B.ng-isolate-scope%3B.ng-not-empty%3B.ng-not-modified%3B.ng-touched%3B.ng-valid%3B.ng-valid-parse%3B.ng-valid-required%3B%5Baria-invalid%3Dfalse%5D%3B%5Bname%3Dcq_710217%5D%3B%5Bng-model-options%3D%7B%20getterSetter%3A%20true%20%7D%5D%3B%5Bng-model%3DMETA.answersquestion.id%5D%3B%5Bng-required%3Dquestion.is_required%5D%3B%5Bsc-form-error%3Dhighlight%20if%20cq_710217%20fails%5D%3B%5Bvalue%3D%27Yes%27%5D%3B%7C%40button%3B.checked%3B.form__radio-control%3B%5B_spec%3Dbutton%5D%3B%5Baria-checked%3Dtrue%5D%3B%5Baria-label%3D%5D%3B%5Bng-class%3D%7B%20checked%3A%20%24ctrl.isChecked()%20%7D%5D%3B%5Bng-click%3D%24ctrl.select()%5D%3B%5Bng-disabled%3D%24ctrl.disabled%5D%3B%5Bng-keydown%3D%24ctrl.onKeyDown(%24event)%5D%3B%5Brole%3Dradio%5D%3B%5Btabindex%3D0%5D%3B%5Btype%3Dbutton%5D%3B%7C&ts0=1673042040953&x0=Yes&id1=7242865234152367&t1=click&n1=button&c1=active-button&i1=mailing-yes&y1=%40div%3B.ng-scope%3B%5Bfrs-donation-block%3D%5D%3B%7C%40div%3B.donation-block%3B.frs-donation-block%3B.ng-scope%3B%7C%40main%3B.donation-block_main%3B%5Bdata-ng-show%3DCryptoGiving.hidden()%20%26%26%20!CryptoGiving.exclusive()%5D%3B%7C%40form%3B.donation-block_form%3B.ng-dirty%3B.ng-invalid%3B.ng-invalid-max%3B.ng-invalid-min%3B.ng-invalid-required%3B.ng-valid-email-address%3B.ng-valid-maxlength%3B.ng-valid-minlength%3B.ng-valid-parse%3B.ng-valid-pattern%3B.ng-valid-phone-number%3B%5Bdata-ng-submit%3Dsubmit()%5D%3B%5Bdata-sc-broadcast-form-errors%3D%5D%3B%5Bname%3DFORM%5D%3B%5Bnovalidate%3Dnovalidate%5D%3B%7C%40section%3B.block-component%3B.ng-scope%3B%5Bdata-ng-repeat%3Dcomponent%20in%20list.components%20%20filter%3A%7Bsection%3A%27main%27%7D%20%20orderBy%3A%27order%27%5D%3B%7C%40div%3B.ng-scope%3B%5Bdata-ng-include%3Dcomponent.templateUrl%5D%3B%7C%40div%3B%23df_checkout_donation-payment%3B.donation-payment%3B.ng-scope%3B%5Baria-label%3DPayment%20Details%5D%3B%5Bdata-ng-controller%3DfrsDonationPaymentCtrl%5D%3B%7C%40div%3B%23custom-mailing%3B%7C%40div%3B.mailing-buttons%3B%7C%40button%3B%23mailing-yes%3B.active-button%3B%5Btype%3Dbutton%5D%3B%5Bvalue%3DButton%5D%3B%7C&ts1=1673042040955&x1=Yes&id2=1896639494246480&k2=environment&k2=prod&k2=organization_id&k2=33874&k2=campaign&k2=342076&k2=campaign_type&k2=donation&k2=duplicate_fundraisers&k2=false&k2=existing_fundraiser&k2=false&k2=label&k2=Begin%20Checkout&k2=action&k2=checkout&k2=currency&k2=USD&t2=Begin%20Checkout&ts2=1673042040987&st=1673042041124

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.171.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 290.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 8ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/290.2d6a2503-1220.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Jan 2023 21:54:01 GMT
x-amz-request-id: RRKTSGB1GZCRV89T
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3424
x-amz-id-2: 4l8iY1Ay2BHNb7bAAyZxHOGToVbGcN6NeFSHhghIiVqS7k6LFqaFdOqdUnsrfIawKvLFJTqoZdc=
x-served-by: cache-hhn-etou8220089-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1673042041.129992,VS0,VE0
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5571

GET
H2 200 368.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 9ms
9ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/368.2d6a2503-1220.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Jan 2023 21:54:01 GMT
x-amz-request-id: RRKWZFQQ82P9RYZP
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1443
x-amz-id-2: uHhi53JMteirXrk4bE2zQ2rfInN8pgMnDTKzRkPSovJM5y5AVhKYCmSakQr/ADpTIHYCwno/iPU=
x-served-by: cache-hhn-etou8220089-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1673042041.130550,VS0,VE0
etag: "16b4f3676c3859e1378a2ccdebbad675"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5564

GET
H2 200 768.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 8ms
8ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/768.2d6a2503-1220.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Jan 2023 21:54:01 GMT
x-amz-request-id: RRKJK0718AC26354
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2225
x-amz-id-2: l8ESbNTyyn/P6dzRQLIojLa2rg4VwhS8fdNMFOt9gg/d/4/Kp0bjEjLMX+zdfv6F8ScooaaycLs=
x-served-by: cache-hhn-etou8220089-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1673042041.130694,VS0,VE0
etag: "d6cc8b42eda6fd7734014b03b87b5787"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5557

GET
H2 200 775.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 1 KB
994 B 9ms
9ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/775.2d6a2503-1220.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Jan 2023 21:54:01 GMT
x-amz-request-id: RRKZW6YW5QXSXTC9
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 632
x-amz-id-2: 2hx6bADpueBAuZxvc4FgrJAgB75cBAbWtyO/2W1dg52zl/c4Dh4x5VSG4Lno06GEGXD2M/AJ6wU=
x-served-by: cache-hhn-etou8220089-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1673042041.130975,VS0,VE0
etag: "1dfdb74c0491489bf04c6deadb56add2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5560

GET
H2 200 39.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 10ms
10ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/39.2d6a2503-1220.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eecee666ee54c49c3fa83323e1f0fc76cf8cb28e94bca8f1a74c90b46309416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: rKoZQfJFmGD6aC9Xn3l7.fk4j9L96MM_
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Jan 2023 21:54:01 GMT
x-amz-request-id: RRKQCYPKJW7AW9VC
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2755
x-amz-id-2: GgS+TkPV2qibcyZ31r3NIbr8wbNPXeUbHZLCYjG972rDUmkUzVDw0FMJ0PT02p3+RApNcXvWbLCPhQGelxPw9w==
x-served-by: cache-hhn-etou8220089-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1673042041.131729,VS0,VE0
etag: "0448380a8f2cd0426bbdf04dd45b5408"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3744

GET
H2 200 0.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 10ms
10ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/0.2d6a2503-1220.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 556ab4c31631686b7f6f5d716452b07212dea63ed810010d1873b91f4478c683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 5C7ygpPS6JvoVHQoGDIm5lCTgaPcqmFc
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Jan 2023 21:54:01 GMT
x-amz-request-id: RRKMY5JAZE5Y2XKF
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2349
x-amz-id-2: alNp0rlSRDKvDPjPiJu/jounHHVGVqxGOLWPCkJdwwY4/qyek2vLnlscBnv8M0V0Qx3jVLt87oU=
x-served-by: cache-hhn-etou8220089-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1673042041.131927,VS0,VE0
etag: "cc9b3d207e9ea2c79974f46bf474e6dd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3783

GET
H2 200 571.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 10ms
10ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/571.2d6a2503-1220.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1f76e602d084a84b969d3d0ec2ab7b05fa05202bdf9a32ee21f5a3597698c48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Jan 2023 21:54:01 GMT
x-amz-request-id: RRKX7CC7SE10FAVE
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1108
x-amz-id-2: rRe2e2OZgSrcuBQrgR+irTRNhJhjrmPVHI91HL/dwvHV/i0wSs8Fln8YBpwdvW33AOsRtUeaQ3XOIory6l67/A==
x-served-by: cache-hhn-etou8220089-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1673042041.132441,VS0,VE0
etag: "04b00905b32fd8d29459545bc125cff6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3793

GET
H2 200 820.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 10ms
10ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/820.2d6a2503-1220.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a913b760ef4daa94e27bdb4e4d09659e53f3aaab195ff06ff0e36ed925d17e17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Jan 2023 21:54:01 GMT
x-amz-request-id: RRKW9W9FAZ05AQJB
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2979
x-amz-id-2: VY3f3J4B/EEXObFVz/PEh2D2qYizzxLQGAnWFY9N2fQEdDNzcHpT0nJ7wpNT6dkdYXGgB8Az/gyvxaGN0YgHMA==
x-served-by: cache-hhn-etou8220089-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1673042041.133278,VS0,VE0
etag: "897a1a72a47e4f4a24c05aec49af638f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3777

GET
H2 200 790.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 17 KB
6 KB 10ms
9ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/790.2d6a2503-1220.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ce298e325c14e8fbfe8c7bf94be0b3c295e81d127634377bdc0b90002bec29b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Jan 2023 21:54:01 GMT
x-amz-request-id: RRKNQYS1D42GB67D
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6064
x-amz-id-2: LlIR7ItOAUrQcIHWFAIONNsrqj3ZEe2CNYKX53Ggf4QheYlJ3Mf+JQIFDpX2kfJJc9uWjHkjsMFwdipFviTjOw==
x-served-by: cache-hhn-etou8220089-HHN
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1673042041.134118,VS0,VE0
etag: "af8c077a247e90dff929d7af81c94f57"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2846

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 90FB 930 B
2 KB 95ms
9ms Document
text/html 2600:9000:223e:3800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:3800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 244
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 06 Jan 2023 21:49:57 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amz-cf-id: i1DH6TI40mDObnbgl8c2Mp4SNB49NFX42mepm8bcSW0R56Ddvm24sg==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 configuration Show response
api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/ 3 KB
2 KB 320ms
320ms Script
application/javascript 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2NzMxMjg0NDAsImp0aSI6ImNkY2RlZmU5LTc0NDAtNDI3Ny1iZjU5LTdjZTUzMWMyYjU5NiIsInN1YiI6ImNneHZ6MjR4ZGp4OTUyajciLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6ImNneHZ6MjR4ZGp4OTUyajciLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.0IBaq1VZbzGPADJqgBCT1jrgNWVvLlzVgwP1Vu8admdrlSvt5HKzc72jYyE9EIzasMfFgRRHv8wk83vymQ-gIQ&callback=callback_json954688934aae42c19e528485e500381b

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f54836f4949617c87b45da43dd5e872ac1a97d4dccaad4e51c87de9576cb6a2b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains
paypal-debug-id: 6b455d64e4914
x-xss-protection: 1; mode=block
x-request-id: 93baa02d-e552-4bce-8118-3224dc5cbbc0
x-runtime: 0.189708
referrer-policy: strict-origin-when-cross-origin
etag: W/"160b87f9c1efd20ce3d4c2ec6e4c297d"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
x-braintree-merchant-shard: 1
cache-control: max-age=0, private, must-revalidate
x-broxyid: 93baa02d-e552-4bce-8118-3224dc5cbbc0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 80ms
20ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3837893-1&cid=459161034.1673042040&jid=74257980&gjid=1690934420&_gid=1435213236.1673042040&_u=KGDACEAABAAAACAAI~&z=1560361595

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 06 Jan 2023 21:54:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 80ms
21ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-225158-16&cid=459161034.1673042040&jid=975587997&gjid=1124044200&_gid=1435213236.1673042040&_u=KGDACEABBAAAACAAI~&z=1864924719

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 06 Jan 2023 21:54:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controller-0c60997903fcaade94f34329482aa647.html Show response
js.stripe.com/v3/ Frame 5DC7 325 B
1 KB 23ms
21ms Document
text/html 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-0c60997903fcaade94f34329482aa647.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

22b0adf1f16e45aaa5d1219a41d1c1e42b8dbd239405eb955a118bb9cc6241b6

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 43
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 06 Jan 2023 21:53:27 GMT
etag: "0c60997903fcaade94f34329482aa647"
last-modified: Fri, 06 Jan 2023 20:59:37 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-id: 12VGYIWnmkcVeclKByMAJigbfWTGhMuLu1dWPMhptjQXFBOTKRnmdg==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-73aca7478fa05915f42e37e10b227a02.html Show response
js.stripe.com/v3/ Frame DDCB 408 B
1 KB 22ms
21ms Document
text/html 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-73aca7478fa05915f42e37e10b227a02.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

8ac978b035461472af64a9702dd584f8cc19aac24f489efee6a76433f8ad5f8f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2509
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 06 Jan 2023 21:12:13 GMT
etag: "73aca7478fa05915f42e37e10b227a02"
last-modified: Fri, 06 Jan 2023 20:59:47 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-id: yQ8PdaBhey9eykKI4wcz7eLqEGb5iFOlUSMPSRZh8OZnpvytdm3p5A==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-4a52c6cc5d094f5572c25332f9f21638.html Show response
js.stripe.com/v3/ Frame 823C 344 B
1 KB 24ms
20ms Document
text/html 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-4a52c6cc5d094f5572c25332f9f21638.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

0bb4a66ade0a932e452dfad48c404f031ce31bdaffad5bd12e3bc7ac666bf724

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 24
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 06 Jan 2023 21:54:01 GMT
etag: "4a52c6cc5d094f5572c25332f9f21638"
last-modified: Fri, 06 Jan 2023 20:59:47 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-id: mGH86-6vSmeqMuhQ1wl3bToXImSzXtKa8STiyV4KgmlxZtitVC1MGg==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 346 KB
88 KB 132ms
83ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PC52XK&l=dataLayer

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d8af520e2d156e48b4f3017211e925fba28844ba0ea76f29e5427c4b4e7963b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90020
x-xss-protection: 0
last-modified: Fri, 06 Jan 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Jan 2023 21:54:01 GMT

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ 28 KB
29 KB 35ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:43:50 GMT
x-content-type-options: nosniff
age: 220211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 08:43:50 GMT

GET
H2 200 controller-0c60997903fcaade94f34329482aa647.html Show response
js.stripe.com/v3/ Frame 7CDF 325 B
1 KB 22ms
21ms Document
text/html 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-0c60997903fcaade94f34329482aa647.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

22b0adf1f16e45aaa5d1219a41d1c1e42b8dbd239405eb955a118bb9cc6241b6

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 43
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 06 Jan 2023 21:53:27 GMT
etag: "0c60997903fcaade94f34329482aa647"
last-modified: Fri, 06 Jan 2023 20:59:37 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-id: g69HmeYlkT8JcSzQrOh4f2wjn7pKp9sy5gF8BowsnITo2h9Wzlhzug==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 css Show response
fonts.googleapis.com/ 2 KB
522 B 105ms
48ms Fetch
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99d65117e41688b9531881feb247e2279238af4da263200cc264accf1e7773e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Jan 2023 21:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 Jan 2023 21:38:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Jan 2023 21:54:01 GMT

GET
H2 200 elements-inner-card-a9aced728a05f6181299044ffc6450b8.html Show response
js.stripe.com/v3/ Frame B6FF 798 B
2 KB 27ms
25ms Document
text/html 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-a9aced728a05f6181299044ffc6450b8.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

0c31879006efed900c3a1f375156736300fae0b560040d3c100b01af45994e92

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3097
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 06 Jan 2023 21:02:25 GMT
etag: "a9aced728a05f6181299044ffc6450b8"
last-modified: Fri, 06 Jan 2023 20:59:37 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-id: fPKnOihMCCK94PugOS_QM0hmBsGcuw0Luwl02SyeLlWvb6iH4sCbgg==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/e5f6cbd5/www-widgetapi.vflset/ 184 KB
62 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0149da2dcca03d3a4c8ab3e8796ec25b4700f46d2a1bec1c59cdb2f6daa7cf98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 14:29:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62997
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 Jan 2024 14:29:41 GMT

GET
H2 200 iframeResizer-6bb8ec1b02.js Show response
givenow.lls.org/sso/ssobuild/js/ 22 KB
7 KB 64ms
63ms XHR
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-445181b808aa12ea----1673042041327
traceparent: 00-2e4bba2b40520c6ebdee4a305ece2de0-445181b808aa12ea-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI0NDUxODFiODA4YWExMmVhIiwidHIiOiIyZTRiYmEyYjQwNTIwYzZlYmRlZTRhMzA1ZWNlMmRlMCIsInRpIjoxNjczMDQyMDQxMzI3fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
X-Requested-With: XMLHttpRequest

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 17:55:22 GMT
cf-bgj: minify
server: cloudflare
age: 7908240
etag: W/"632ca18a-893d"
cf-polished: origSize=35133
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7857b0965f359b5d-FRA
expires: Sat, 07 Oct 2023 09:10:01 GMT

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/17609/static/global/fonts/ 42 KB
43 KB 39ms
39ms Font
application/x-font-woff 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17609/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/17609/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

736e506134eaf2aabd23f662fec57978bc74b796057804f960c50f15e1882e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/17609/static/frs/main.css
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: ZZ9VQFFNQKS4J9T3
age: 249
content-length: 43184
x-amz-id-2: 17qozGdf9cC+rK0OMBTFKiuHy6BtEZtLgW+O2restAIgEC6bFaKAbBaOMHYl22ob7e0W4Zy8UfY=
last-modified: Thu, 15 Dec 2022 19:04:33 GMT
server: cloudflare
etag: "d0868f9b9c3b0098ee0500067aef6a1e"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7857b0965ab19c0d-FRA

GET
H/1.1 200
OK widget_iframe.644279d1635fd969e87af94a98bd232b.html Show response
platform.twitter.com/widgets/ Frame F54F 320 KB
104 KB 11ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fgivenow.lls.org
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 1375856
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Fri, 06 Jan 2023 21:54:01 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6762)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

POST
H2 200 csp-report
q.stripe.com/ Frame 5DC7 0
570 B 185ms
183ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-ddb793aa384a0b0966a616e030816f3c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5DC7 295 KB
71 KB 21ms
20ms Script
text/javascript 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0c60997903fcaade94f34329482aa647.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f49f95f4ec71624023daeba38fa186dfae258eb32a27c854500cf40bb4859684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0c60997903fcaade94f34329482aa647.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:01:42 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: VIE50-C1
age: 3140
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Fri, 06 Jan 2023 20:59:47 GMT
server: Cloudfront
etag: W/"121d0b8c995236398c0380081c1840b7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: fAfa7jKAPcyz2ITSISCxdb6GPOyvw5OvMzrFqx4V27RCNC5NGD_3uA==

GET
H2 200 controller-4f9f0e0297838690739c7518f2748c69.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5DC7 454 KB
120 KB 28ms
27ms Script
text/javascript 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-4f9f0e0297838690739c7518f2748c69.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0c60997903fcaade94f34329482aa647.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

151b3eaa3d08c9cb8bfa948bff08644a18bede891ff9127fd6117121633c3c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0c60997903fcaade94f34329482aa647.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:01:42 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: VIE50-C1
age: 3140
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Fri, 06 Jan 2023 20:59:45 GMT
server: Cloudfront
etag: W/"77b6080ea59099e195030be1276a4c9d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: epV-RxEGoRWsJZnFt-GotgQpC-afBzk2qKnqvQIEkrBYRXlmz-k8-g==

POST
H2 200 csp-report
q.stripe.com/ Frame 90FB 0
344 B 181ms
180ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
x-robots-tag: none
content-length: 0
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame DDCB 0
570 B 182ms
180ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame DDCB 0
570 B 182ms
181ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame DDCB 104 KB
33 KB 128ms
89ms Script
application/javascript 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-73aca7478fa05915f42e37e10b227a02.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51e4b766a3e61185a115ecb5116ebd2bd21e5f31f23a3aece42a0b8efc32ec43

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-FUrdi6o4Fe6Ehjddz6FV1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-FUrdi6o4Fe6Ehjddz6FV1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 06 Jan 2023 21:54:01 GMT

GET
H2 200 shared-ddb793aa384a0b0966a616e030816f3c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DDCB 295 KB
71 KB 31ms
30ms Script
text/javascript 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-73aca7478fa05915f42e37e10b227a02.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f49f95f4ec71624023daeba38fa186dfae258eb32a27c854500cf40bb4859684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-73aca7478fa05915f42e37e10b227a02.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:01:42 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: VIE50-C1
age: 3140
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Fri, 06 Jan 2023 20:59:47 GMT
server: Cloudfront
etag: W/"121d0b8c995236398c0380081c1840b7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ynDCL-izRNsdMdof3FnYLwP2H4SKB6-I6EsQgM5IDC5AmWWW-Lr2Ww==

GET
H2 200 payment-request-inner-google-pay-1e226bc4a404efd6ecf050a3d69556c3.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DDCB 9 KB
4 KB 38ms
37ms Script
text/javascript 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-1e226bc4a404efd6ecf050a3d69556c3.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-73aca7478fa05915f42e37e10b227a02.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

eebdcace9d19c85db92c0c4eea7bef091c54765e049520c4ee8caf064e5281e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-73aca7478fa05915f42e37e10b227a02.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:02:06 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-amz-cf-pop: VIE50-C1
age: 3116
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Fri, 06 Jan 2023 20:59:46 GMT
server: Cloudfront
etag: W/"32a6c74a4494a182f68352b974c5795e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: AwSbd9Pk3hr-Ql-pY8o7oGGzoeYMzF64vFPpGOTFzza3XcUOjkVifQ==

POST
H2 200 csp-report
q.stripe.com/ Frame 823C 0
570 B 182ms
181ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 823C 0
570 B 343ms
343ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-ddb793aa384a0b0966a616e030816f3c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 823C 295 KB
71 KB 31ms
31ms Script
text/javascript 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-4a52c6cc5d094f5572c25332f9f21638.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f49f95f4ec71624023daeba38fa186dfae258eb32a27c854500cf40bb4859684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-4a52c6cc5d094f5572c25332f9f21638.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:01:42 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: VIE50-C1
age: 3140
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Fri, 06 Jan 2023 20:59:47 GMT
server: Cloudfront
etag: W/"121d0b8c995236398c0380081c1840b7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: F367EK16Sh4DKo6P0VMXcUecOHRm4U0CT0pTkU6lDG0JJtdkOH2x-w==

GET
H2 200 payment-request-inner-browser-62b851077f9da9acc452dca532fa7672.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 823C 11 KB
5 KB 35ms
35ms Script
text/javascript 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-62b851077f9da9acc452dca532fa7672.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-4a52c6cc5d094f5572c25332f9f21638.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

b94eb502e26770c9d54de519d7225c016d31cf33584446e77dbaefae9d7dfb13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-4a52c6cc5d094f5572c25332f9f21638.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 06 Jan 2023 21:37:42 GMT
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 984
x-cache: Hit from cloudfront
last-modified: Thu, 05 Jan 2023 20:36:07 GMT
server: Cloudfront
etag: W/"143881bdb912f2223ebc11f7378e2f5e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: vqMkabafCK_lwy494MKszZtuNNtWedFNnNuaHl7Xdy6x9EI-x0af6g==

POST
H2 200 csp-report
q.stripe.com/ Frame 7CDF 0
570 B 306ms
305ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-ddb793aa384a0b0966a616e030816f3c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7CDF 295 KB
71 KB 25ms
24ms Script
text/javascript 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0c60997903fcaade94f34329482aa647.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f49f95f4ec71624023daeba38fa186dfae258eb32a27c854500cf40bb4859684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0c60997903fcaade94f34329482aa647.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:01:42 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: VIE50-C1
age: 3140
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Fri, 06 Jan 2023 20:59:47 GMT
server: Cloudfront
etag: W/"121d0b8c995236398c0380081c1840b7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Yj0RXKQd7D1TrFV8-gRGOMU_ffLEBpLVn9m_bW6Y8enPpF0UQHuO_w==

GET
H2 200 controller-4f9f0e0297838690739c7518f2748c69.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7CDF 454 KB
120 KB 21ms
20ms Script
text/javascript 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-4f9f0e0297838690739c7518f2748c69.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0c60997903fcaade94f34329482aa647.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

151b3eaa3d08c9cb8bfa948bff08644a18bede891ff9127fd6117121633c3c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0c60997903fcaade94f34329482aa647.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:01:42 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: VIE50-C1
age: 3140
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Fri, 06 Jan 2023 20:59:45 GMT
server: Cloudfront
etag: W/"77b6080ea59099e195030be1276a4c9d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Qu-zF71L6UhO_8q6uMJ3Vv0LDhg5__z7Q8K32sRhs8_tuAHIA8CWFA==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 407 KB
163 KB 35ms
11ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://givenow.lls.org/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 21:41:40 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame B6FF 0
570 B 291ms
289ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame B6FF 0
570 B 295ms
294ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-ddb793aa384a0b0966a616e030816f3c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B6FF 295 KB
71 KB 28ms
26ms Script
text/javascript 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a9aced728a05f6181299044ffc6450b8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f49f95f4ec71624023daeba38fa186dfae258eb32a27c854500cf40bb4859684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-a9aced728a05f6181299044ffc6450b8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:01:42 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: VIE50-C1
age: 3140
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Fri, 06 Jan 2023 20:59:47 GMT
server: Cloudfront
etag: W/"121d0b8c995236398c0380081c1840b7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ozTIGVsXm3GObhBvTd5ph5czCzEF-Nf8Up0GE1oVF3cKuSroSPUU4g==

GET
H2 200 ui-shared-51b458985f8736c3224a5557b3c9f9db.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B6FF 237 KB
68 KB 31ms
30ms Script
text/javascript 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-51b458985f8736c3224a5557b3c9f9db.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a9aced728a05f6181299044ffc6450b8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

c3c59598c39b92e7a75eacb102e27d9c546ece9a979f2511eb7638dd29c059a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-a9aced728a05f6181299044ffc6450b8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:01:52 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-amz-cf-pop: VIE50-C1
age: 3130
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Fri, 06 Jan 2023 20:59:47 GMT
server: Cloudfront
etag: W/"8bf68e8f6f945c2a6de4ebe4ca1dda10"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: zTJKp8G3y_guEdaPN-8NgRtmGLPsvwB2DofRUnw1sGBBoERvSYqUUQ==

GET
H2 200 elements-inner-card-bbb78dc1cb37e8529dd0102468323fdb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B6FF 49 KB
13 KB 20ms
20ms Script
text/javascript 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-bbb78dc1cb37e8529dd0102468323fdb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a9aced728a05f6181299044ffc6450b8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

56582c718734255a1d3b2680a84fbe19d29977c3d181369f366e33855fe3f150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-a9aced728a05f6181299044ffc6450b8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 06 Jan 2023 21:21:02 GMT
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 3219
x-cache: Hit from cloudfront
last-modified: Thu, 05 Jan 2023 22:04:11 GMT
server: Cloudfront
etag: W/"8ffebbaddbf2119c6528d16fa52ac11e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: kumxaq7sNjytZpoHmbxvhXabkbszQZW_PLaj4-jSWWx2VpgbWG0uUw==

GET
H2 200 ui-shared-7d462fcb3c0e75c087e09d3be07a53fe.css
js.stripe.com/v3/fingerprinted/css/ Frame B6FF 19 KB
3 KB 26ms
26ms Stylesheet
text/css 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-7d462fcb3c0e75c087e09d3be07a53fe.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a9aced728a05f6181299044ffc6450b8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

0c5081ecc9f9ecdf2c760f97886c380097c444ecd4676884ff3c67bfbc0ec6a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-a9aced728a05f6181299044ffc6450b8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 06 Jan 2023 21:19:43 GMT
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 2064
x-cache: Hit from cloudfront
last-modified: Thu, 17 Nov 2022 21:36:36 GMT
server: Cloudfront
etag: W/"946f1f202e973574c4704321cd043858"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: a-tN4pA63dJKdc_97u26nGerL4Z2GmhshBECmLp84iIWvonv57y9Gw==

GET
H2 200 elements-inner-card-5e36f21b0efee6f2a4a1d898ba622fa0.css
js.stripe.com/v3/fingerprinted/css/ Frame B6FF 6 KB
2 KB 23ms
22ms Stylesheet
text/css 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-5e36f21b0efee6f2a4a1d898ba622fa0.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a9aced728a05f6181299044ffc6450b8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-231-65.us-west-2.compute.amazonaws.com

Software

Cloudfront /

Resource Hash

3550c812edbcb2217b08042fcc4546528bbf0f0a8506d783642b36ea5f1c6b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-a9aced728a05f6181299044ffc6450b8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 06 Jan 2023 21:32:19 GMT
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 1338
x-cache: Hit from cloudfront
last-modified: Thu, 05 Jan 2023 22:04:03 GMT
server: Cloudfront
etag: W/"58bad269080c9dead75608089271f5b8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: QCSFEneLyYZ09wC8yXdJhV67J0VFZ4G2G_1VN3X6pyCliVGQRbUhYQ==

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 90FB 86 KB
14 KB 10ms
10ms Script
text/javascript 2600:9000:223e:3800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:3800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 06 Jan 2023 21:49:03 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 299
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: -76dbJD0x1sUz4OgoR5dwY1hDaQRqX7-Men_wT852NvTnA_kk0hoAQ==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 59ms
18ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-225158-16&cid=459161034.1673042040&jid=975587997&_u=KGDACEABBAAAACAAI~&z=294379129

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 42ms
18ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-225158-16&cid=459161034.1673042040&jid=975587997&_u=KGDACEABBAAAACAAI~&z=294379129

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame F54F 1 KB
734 B 335ms
132ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=49ae7ab3ab380ba6593cb69df7e74e012870f958

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fgivenow.lls.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

10fc98318d2b1839f0d1783b5dc616cc96954174df0fd185f49a5a51d6b5e361

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 107
date: Fri, 06 Jan 2023 21:54:01 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 06 Jan 2023 21:54:01 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 018d4aea5a359493
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 5b316b0711ecee44941a59d6d110210a835dd05678befa54378eb6340e967fc3
content-length: 413

GET
H/1.1 200
OK 67fe2a1b26 Show response
bam.nr-data.net/1/ 49 B
532 B 267ms
246ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/67fe2a1b26?a=363721230&v=1220.PROD&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=3848&ck=0&s=6d4653919dcf37f9&ref=https://givenow.lls.org/give/342076/&ap=435.725592&be=1550&fe=620&dc=618&tt=821dbd0baa64d97a&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1673042037679,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:17,%22c%22:17,%22s%22:23,%22ce%22:47,%22rq%22:48,%22rp%22:1048,%22rpe%22:1331,%22dl%22:1053,%22di%22:1337,%22ds%22:1539,%22de%22:1539,%22dc%22:1546,%22l%22:1547,%22le%22:1556%7D,%22navigation%22:%7B%7D%7D&fp=2924&fcp=2924&jsonp=NREUM.setToken
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 06 Jan 2023 21:54:01 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 7857b097ae3b9235-FRA

GET
H2 200 status Show response
givenow.lls.org/sso/ 89 B
1 KB 167ms
166ms XHR
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery36108336173835305554_1673042041323&_=1673042041324

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

c396c43506bc44984692aa605b845996d4c0a23f08f8af3e88081a15e72e22f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-70bf80da2cd2b8e5----1673042041568
traceparent: 00-a0f1a8c83a033dca8d27caf368eea4b0-70bf80da2cd2b8e5-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3MGJmODBkYTJjZDJiOGU1IiwidHIiOiJhMGYxYThjODNhMDMzZGNhOGQyN2NhZjM2OGVlYTRiMCIsInRpIjoxNjczMDQyMDQxNTY4fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
X-Requested-With: XMLHttpRequest

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
p3p: CP="Classy does not have a P3P policy."
content-type: application/javascript; charset=utf-8
cache-control: no-cache, private
cf-ray: 7857b097ca069b5d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 5DC7 474 B
864 B 57ms
20ms Fetch
application/json 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-39.vie50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 192e63d3504c6b48c989d10382075765e3b0806a9830de58219dab3ca7a3d4d2

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-0c60997903fcaade94f34329482aa647.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
last-modified: Fri, 06 Jan 2023 21:28:23 GMT
server: Cloudfront
x-amz-cf-pop: VIE50-C1
age: 1
etag: "2aa55f2e7db3fe3bcc2ccf7a910353b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: HKxh8r_Zb48y_GGe4Ff6D2OLo8jHgLeZ1sH-oxqxkzHnQ6ry6aB77g==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/970754387/ 2 KB
2 KB 67ms
28ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/970754387/?random=1673042041688&cv=11&fst=1673042041688&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&auid=2037552884.1673042042&uaw=0&rfmt=3&fmt=4

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78eca788469db661bc34648279b69f655c81fc466499b32492dcc110e60e0391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 965
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 65ms
21ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-225158-16&cid=459161034.1673042040&jid=2023286066&gjid=104754382&_gid=1435213236.1673042040&_u=aGDAiEABBAAAAGAAI~&z=130075379

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 06 Jan 2023 21:54:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 26ms
25ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 06 Jan 2023 20:27:13 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5208
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 06 Jan 2023 22:27:13 GMT

GET
H3

200

activityi;dc_pre=CJSW5qT3s_wCFZZKHgIdWMwGrg;src=8977078;type=allpg;cat=allpgst;ord=9794254754366;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_so... Show response
8977078.fls.doubleclick.net/ Frame 1CE3
Redirect Chain

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=allpg;cat=allpgst;ord=9794254754366;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_...
https://8977078.fls.doubleclick.net/activityi;dc_pre=CJSW5qT3s_wCFZZKHgIdWMwGrg;src=8977078;type=allpg;cat=allpgst;ord=9794254754366;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow...

713 B
339 B

111ms
64ms

Document
text/html

142.251.39.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8977078.fls.doubleclick.net/activityi;dc_pre=CJSW5qT3s_wCFZZKHgIdWMwGrg;src=8977078;type=allpg;cat=allpgst;ord=9794254754366;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC52XK&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f6.1e100.net

Software

cafe /

Resource Hash

4eb873d48916905478270dcb97a336f72c2c8ccb1ede28f10f23cf8d14fcef6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 316
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 21:54:01 GMT
expires: Fri, 06 Jan 2023 21:54:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 21:54:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8977078.fls.doubleclick.net/activityi;dc_pre=CJSW5qT3s_wCFZZKHgIdWMwGrg;src=8977078;type=allpg;cat=allpgst;ord=9794254754366;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CIWY5qT3s_wCFc5dwgodJiMN6g;src=8977078;type=allpg;cat=allpgun;ord=1;num=6731382044559;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3F... Show response
8977078.fls.doubleclick.net/ Frame C31B
Redirect Chain

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=allpg;cat=allpgun;ord=1;num=6731382044559;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%...
https://8977078.fls.doubleclick.net/activityi;dc_pre=CIWY5qT3s_wCFc5dwgodJiMN6g;src=8977078;type=allpg;cat=allpgun;ord=1;num=6731382044559;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fg...

719 B
341 B

120ms
74ms

Document
text/html

142.251.39.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8977078.fls.doubleclick.net/activityi;dc_pre=CIWY5qT3s_wCFc5dwgodJiMN6g;src=8977078;type=allpg;cat=allpgun;ord=1;num=6731382044559;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC52XK&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f6.1e100.net

Software

cafe /

Resource Hash

de6a0b4608c63c809473bd8175056747fe1a4f1375a8c19e90e5aa1967ee314e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 318
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 21:54:01 GMT
expires: Fri, 06 Jan 2023 21:54:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 21:54:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8977078.fls.doubleclick.net/activityi;dc_pre=CIWY5qT3s_wCFc5dwgodJiMN6g;src=8977078;type=allpg;cat=allpgun;ord=1;num=6731382044559;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/ 2 KB
993 B 105ms
89ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=1673042041763&cv=11&fst=1673042041763&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&auid=2037552884.1673042042&uaw=0&rfmt=3&fmt=4

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ef3eb34521b15db0bf87955532e56dd5420626e191bca83f5f595121bcc6fa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 967
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/779965559/ 2 KB
2 KB 78ms
19ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/779965559/?random=1673042041765&cv=11&fst=1673042041765&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&bttype=purchase&auid=2037552884.1673042042&uaw=0&rfmt=3&fmt=4

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

5c34534a8fe548781ddbf459e0ddc17fdaea39f03f1074272bce14d66e5fd22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1346
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1070099938/ 2 KB
1 KB 75ms
21ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1070099938/?random=1673042041767&cv=11&fst=1673042041767&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&bttype=purchase&auid=2037552884.1673042042&uaw=0&rfmt=3&fmt=4

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3d1d24ace559719e1e4fc298c034393ce6f69a42aa0f343f33d0703f3a39560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1348
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 105 KB
28 KB 26ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cba8862bc0eeff77ab390c0669021b95055e809f226aa0e7dc438d79e3ad399f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 06 Jan 2023 21:54:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27613
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: fvLKPOng9pSk2nA+6hMnq+nxoQ4fLTucnKMmhKNoBJEMx/G353s9bRIGojo6WhVM0BSpKmgh4Q2591EeM9ztGQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 82ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 06 Jan 2023 21:54:01 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A889ADF5398B4977A296C37508079B4D Ref B: FRA31EDGE0608 Ref C: 2023-01-06T21:54:01Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11472

GET
H2 200 merkle_track.js Show response
cdn.merklesearch.com/ 2 KB
1 KB 59ms
7ms Script
application/javascript 18.66.112.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.merklesearch.com/merkle_track.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-73.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b50fe60629db539a09545bae38ce3668b8f151a25ce2914cf707654c6424c06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 23:28:56 GMT
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jun 2019 16:04:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 80720
etag: W/"ba48ece064f452562968947c4e6d063b"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: qo2HsED9viMSXAGnrjIysJpn6YvSYgTu_v4lkPYnKciIExVDdhvVGA==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 93ms
8ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
content-encoding: gzip
etag: "WQX8ubvDGl3DCUDHzxu0sA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 13 Jan 2023 21:54:01 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 7C0B
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3B...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3B...

1 KB
2 KB

210ms
129ms

Document
text/html

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3DD69E3ACC-C6D4-0564-6CFA-50FDE3A78112&cb=572595888166258500&dcc=t

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

9fd51b1e084a6b0ad7a6a3219b8fcab13161ccd8063dbb2ea477db8ab1800723

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1233
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 06 Jan 2023 21:54:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 83RZ5NJHPS42HER1VWT3

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 06 Jan 2023 21:54:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3DD69E3ACC-C6D4-0564-6CFA-50FDE3A78112&cb=572595888166258500&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: K5PKGSM5A2NS2PZKM3H5

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 52ms
7ms Script
application/x-javascript 65.9.65.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-65-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 06 Jan 2023 06:03:05 GMT
Content-Encoding: gzip
Via: 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C1
Age: 57057
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: _k5fKTeYeoW46-IMqYOg1PT3XrwNCnU5NOiZv7kZMEdFrUnaNNGQiA==

GET
H/1.1 204
No Content cs.js Show response
aa.trkn.us/1/e/ 0
166 B 132ms
18ms Script
text/plain 104.96.146.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.trkn.us/1/e/cs.js?cid=c013&evid=6894817b-ce68-494a-a2cd-4e160ce0f1d8&suu=1&dmn=givenow.lls.org
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.146.185 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-146-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 06 Jan 2023 21:54:01 GMT
Cache-Control: private, max-age=3600
Connection: keep-alive
Expires: Fri, 06 Jan 2023 22:54:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 59ms
59ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-63NN87E39V&l=dataLayer&cx=c

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f4e530538a7d1590542abf2228d10a70112dc88fd67533cae1e96e4bfb0e6fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78167
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Jan 2023 21:54:01 GMT

GET
H2 404 bind
media2.legacy.com/ 0
77 B 344ms
101ms Image
text/plain 44.199.160.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media2.legacy.com/bind?ckey1=LeukemiaLymphSoc;cvalue1=1;expiresDays=60;adct=image/gif;misc=123;&gtmcb=407410663
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.199.160.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-199-160-123.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
25ms Image
image/gif 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1067407586&t=pageview&_s=1&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEABBAAAACAAI~&jid=2023286066&gjid=104754382&cid=459161034.1673042040&tid=UA-225158-16&_gid=1435213236.1673042040&gtm=2wg120PC52XK&z=1057612264

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 15:43:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22227
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 128ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=k4816zm&ct=0:t1qofst&fmt=3&gtmcb=631783384
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 06 Jan 2023 21:54:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 7CDF 474 B
863 B 23ms
22ms Fetch
application/json 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-39.vie50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 192e63d3504c6b48c989d10382075765e3b0806a9830de58219dab3ca7a3d4d2

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-0c60997903fcaade94f34329482aa647.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
last-modified: Fri, 06 Jan 2023 21:28:23 GMT
server: Cloudfront
x-amz-cf-pop: VIE50-C1
age: 1
etag: "2aa55f2e7db3fe3bcc2ccf7a910353b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: O-c6PjMhvCB4iAJIWPoSd8f73wPVbiZxnIXQ8FLdShHHu2cAH0s93Q==

POST
H2 200 6 Show response
m.stripe.com/ Frame 90FB 156 B
522 B 648ms
219ms XHR
application/json 54.148.231.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.231.65 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4e8899ec4ba2565642f2bdc48e9452afe505a57bc8914be8aaa1f24fb4576889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 06 Jan 2023 21:54:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame B6FF 474 B
863 B 20ms
19ms Fetch
application/json 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-39.vie50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 192e63d3504c6b48c989d10382075765e3b0806a9830de58219dab3ca7a3d4d2

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-a9aced728a05f6181299044ffc6450b8.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 06 Jan 2023 21:54:01 GMT
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
last-modified: Fri, 06 Jan 2023 21:28:23 GMT
server: Cloudfront
x-amz-cf-pop: VIE50-C1
age: 1
etag: "2aa55f2e7db3fe3bcc2ccf7a910353b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: zyU_WCz9MS0Hd6E9TDk0_h2Nyq7NJKkempnM4V46s-5unEBSuylEuA==

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 4269 43 KB
23 KB 32ms
32ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeRsvwcAAAAAAAGdWMknu7f4ewlEf_5YVOyxIqF&co=aHR0cHM6Ly9naXZlbm93Lmxscy5vcmc6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=frbgbmg6d7p8

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5922b24ccd855bbd5dc169d3312efd4a5ccc1f82f05567a268a01a174ab0ee85

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zwdEGnjf4O0p9c6EVsH9Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23123
content-security-policy: script-src 'report-sample' 'nonce-zwdEGnjf4O0p9c6EVsH9Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 21:54:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

activityi;dc_pre=CO317qT3s_wCFWtIHgIdMTkOcA;src=8977078;type=app_star;cat=donatest;ord=1;num=4028160918469;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2... Show response
8977078.fls.doubleclick.net/ Frame B537
Redirect Chain

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=app_star;cat=donatest;ord=1;num=4028160918469;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076...
https://8977078.fls.doubleclick.net/activityi;dc_pre=CO317qT3s_wCFWtIHgIdMTkOcA;src=8977078;type=app_star;cat=donatest;ord=1;num=4028160918469;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F...

734 B
355 B

66ms
65ms

Document
text/html

142.251.39.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8977078.fls.doubleclick.net/activityi;dc_pre=CO317qT3s_wCFWtIHgIdMTkOcA;src=8977078;type=app_star;cat=donatest;ord=1;num=4028160918469;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC52XK&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f6.1e100.net

Software

cafe /

Resource Hash

bdbad7298fd5c139ccfc992aad3e037dc03e7a427ae91022c8527e61f06da18e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 332
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 21:54:02 GMT
expires: Fri, 06 Jan 2023 21:54:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 21:54:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8977078.fls.doubleclick.net/activityi;dc_pre=CO317qT3s_wCFWtIHgIdMTkOcA;src=8977078;type=app_star;cat=donatest;ord=1;num=4028160918469;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1070099938/ 2 KB
1 KB 43ms
22ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1070099938/?random=1673042041984&cv=11&fst=1673042041984&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&bttype=purchase&auid=2037552884.1673042042&uaw=0&rfmt=3&fmt=4

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

df2ee33d4f74313cebc16c76014c0039f726df5ada06a936089d1bc4085a9f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 854E
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8...

1 KB
2 KB

124ms
123ms

Document
text/html

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3D06787E10-5A17-6174-3CE8-F95746AEC685&cb=231886234244300000&dcc=t

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

10bdb12bbe191dc2d4d472cea8a6c5136d0e25ef39ec0b7734416c734081095a

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1233
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 06 Jan 2023 21:54:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 78ZRKQECJ9CGQ25DKRCH

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 06 Jan 2023 21:54:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3D06787E10-5A17-6174-3CE8-F95746AEC685&cb=231886234244300000&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: XQDV8WJH5SX4HBBDJB7A

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
260 B 33ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=k4816zm&ct=0:7g2encq&fmt=3&gtmcb=1937355169
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 101ms
100ms Image
image/gif 3.232.171.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3288217024203670&v=5574879191511763&s=2961511614876450&b=web&tv=4.0&sp=us&sp=sfmc&sp=um&sp=email&sp=ua&sp=ThankYou_20230106_National&sp=ts&sp=1673042039822&sp=d&sp=givenow.lls.org&sp=h&sp=%2Fgive%2F342076%2F&sp=q&sp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=givenow.lls.org&pp=q&pp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&pp=h&pp=%2Fgive%2F342076%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=The%20Leukemia%20%26%20Lymphoma%20Society&pp=ts&pp=1673042039822&id0=1786346633044694&k0=environment&k0=prod&k0=organization_id&k0=33874&k0=campaign&k0=342076&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=page&k0=%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329%23!%2Fdonation%2Fcheckout&k0=title&k0=Donation%20Page&k0=userAgent&k0=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&k0=event_id&k0=1673042042.610821424262&k0=environment&k0=prod&k0=is_public&k0=true&t0=Page%20View&ts0=1673042041991&st=1673042041992

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.171.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-76-53-164.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 link-config Show response
merchant-ui-api.stripe.com/elements/ Frame 5DC7 562 B
1 KB 294ms
202ms Fetch
application/json 54.76.53.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/link-config?key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&stripe_js_id=4f2ce5d1-af99-4b9c-ac68-affd935d9fac

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.76.53.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cc94a0af25275f1ecea895630e36a352592de64d37e3ab2547cee5bff06d05e5

Security Headers

Name	Value
Content-Security-Policy	report-uri /csp-report?p=%2Felements%2Flink-config;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 06 Jan 2023 21:54:02 GMT
content-security-policy: report-uri /csp-report?p=%2Felements%2Flink-config;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 562
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
vary: Origin
x-robots-tag: none
access-control-allow-headers: x-stripe-csrf-token
expires: 0

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 1416 18 KB
7 KB 115ms
75ms Document
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be25730a9ab5aacda0bfca9a6b4e933df220f34e7f4216c1c65d31718b596c06

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-1lFb0ZegSywPsCycHTfWIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-1lFb0ZegSywPsCycHTfWIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 06 Jan 2023 21:54:02 GMT
expires: Fri, 06 Jan 2023 21:54:02 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
25ms Image
image/gif 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1067407586&t=timing&_s=7&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20fully%20loaded&utv=fresh&utl=1673042039945&utt=4174&_u=aGDACEABBAAAAGAAI~&jid=&gjid=&cid=459161034.1673042040&tid=UA-3837893-1&_gid=1435213236.1673042040&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=1814981771

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 15:43:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22228
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 26ms
25ms Image
image/gif 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1067407586&t=pageview&_s=8&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&dp=%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329%23!%2Fdonation%2Fcheckout&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAGACI~&jid=&gjid=&cid=459161034.1673042040&tid=UA-3837893-1&_gid=1435213236.1673042040&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=764424569

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 15:43:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22228
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
26ms Image
image/gif 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1067407586&t=pageview&_s=2&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&dp=%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329%23!%2Fdonation%2Fcheckout&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAGACI~&jid=&gjid=&cid=459161034.1673042040&tid=UA-225158-16&_gid=1435213236.1673042040&z=1588140924

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 15:43:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22228
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 20ms
19ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-225158-16&cid=459161034.1673042040&jid=2023286066&_u=aGDAiEABBAAAAGAAI~&z=1626611137

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 38ms
20ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-225158-16&cid=459161034.1673042040&jid=2023286066&_u=aGDAiEABBAAAAGAAI~&z=1626611137

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 chat-small.png
app.five9.com/five9_clients/consoles_latest/SocialWidget/images/ 589 B
1 KB 112ms
111ms Image
image/png 198.105.202.32
FIVE9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.five9.com/five9_clients/consoles_latest/SocialWidget/images/chat-small.png

Requested by

Host: app.five9.com
URL: https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1673042041078

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.105.202.32 , United States, ASN36776 (FIVE9, US),

Reverse DNS

Software

Resource Hash

2972dd804d7cf59ed7b67f73bec6d74b776774c8058d5f8e37a0e87e7ed07339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1673042041078
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 06 Jan 2023 21:54:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Oct 2022 06:45:59 GMT
ETag: W/"589-1666161959000"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 589
X-XSS-Protection: 1

GET
H/1.1 200 minus-32.png
app.five9.com/five9_clients/consoles_latest/SocialWidget/images/ 167 B
844 B 223ms
111ms Image
image/png 198.105.202.32
FIVE9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.five9.com/five9_clients/consoles_latest/SocialWidget/images/minus-32.png

Requested by

Host: app.five9.com
URL: https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1673042041078

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.105.202.32 , United States, ASN36776 (FIVE9, US),

Reverse DNS

Software

Resource Hash

0fa5f0a9f2f58f897f5c4f057cafbd53f833d8f3210cfa10b9581dbd00f916fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1673042041078
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 06 Jan 2023 21:54:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Oct 2022 06:45:59 GMT
ETag: W/"167-1666161959000"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 167
X-XSS-Protection: 1

GET
H/1.1 200 external-link-32.png
app.five9.com/five9_clients/consoles_latest/SocialWidget/images/ 389 B
1 KB 335ms
111ms Image
image/png 198.105.202.32
FIVE9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.five9.com/five9_clients/consoles_latest/SocialWidget/images/external-link-32.png

Requested by

Host: app.five9.com
URL: https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1673042041078

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.105.202.32 , United States, ASN36776 (FIVE9, US),

Reverse DNS

ec2-54-174-170-28.compute-1.amazonaws.com

Software

Resource Hash

a046fdd4444ac02d32b8c049847221419e8e5fb391d5a1b21b959d8d32caa82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.css?_=1673042041078
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 06 Jan 2023 21:54:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Oct 2022 06:45:59 GMT
ETag: W/"389-1666161959000"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 389
X-XSS-Protection: 1

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
360 B 101ms
101ms XHR
text/plain 54.225.48.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.48.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-48-231.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 06 Jan 2023 21:54:02 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://givenow.lls.org
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: c8111c04-6eb9-4d01-aa5a-55cfa176d8bd

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 4269 52 KB
52 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeRsvwcAAAAAAAGdWMknu7f4ewlEf_5YVOyxIqF&co=aHR0cHM6Ly9naXZlbm93Lmxscy5vcmc6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=frbgbmg6d7p8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 14:45:42 GMT
x-content-type-options: nosniff
age: 25700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52913
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 14:45:42 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 4269 407 KB
163 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 21:41:40 GMT

GET
H2 200 dc_pre=CJSW5qT3s_wCFZZKHgIdWMwGrg;src=8977078;type=allpg;cat=allpgst;ord=9794254754366;gtm=2wg120;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Dema...
adservice.google.com/ddm/fls/z/ Frame 1CE3 42 B
107 B 148ms
67ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJSW5qT3s_wCFZZKHgIdWMwGrg;src=8977078;type=allpg;cat=allpgst;ord=9794254754366;gtm=2wg120;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329

Requested by

Host: 8977078.fls.doubleclick.net
URL: https://8977078.fls.doubleclick.net/activityi;dc_pre=CJSW5qT3s_wCFZZKHgIdWMwGrg;src=8977078;type=allpg;cat=allpgst;ord=9794254754366;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8977078.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CIWY5qT3s_wCFc5dwgodJiMN6g;src=8977078;type=allpg;cat=allpgun;ord=1;num=6731382044559;gtm=2wg120;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium...
adservice.google.com/ddm/fls/z/ Frame C31B 42 B
494 B 141ms
66ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIWY5qT3s_wCFc5dwgodJiMN6g;src=8977078;type=allpg;cat=allpgun;ord=1;num=6731382044559;gtm=2wg120;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329

Requested by

Host: 8977078.fls.doubleclick.net
URL: https://8977078.fls.doubleclick.net/activityi;dc_pre=CIWY5qT3s_wCFc5dwgodJiMN6g;src=8977078;type=allpg;cat=allpgun;ord=1;num=6731382044559;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8977078.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 394ms
360ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 573ms
540ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 394ms
362ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 393ms
361ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 570ms
538ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 570ms
539ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 392ms
361ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 570ms
540ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 568ms
538ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 393ms
364ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 392ms
363ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 568ms
540ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 390ms
363ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 562ms
536ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 565ms
539ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 489186234582967 Show response
connect.facebook.net/signals/config/ 493 KB
146 KB 18ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/489186234582967?v=2.9.91&r=stable

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

849c436d4aa567b168d0c9ab8d9503d9edbaa7d4e5118db0cd8bae74de708714

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 06 Jan 2023 21:54:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 149255
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: tY5FrNVIB6i0hRBp8pbpunxNgW5ziX+TKJJRScT6UAmEk696ILDbM3UalV3ay2qcFrUGyFdj1ZDOE3jl4isD3Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/779965559/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/779965559/?random=1287856254&cv=11&fst=1673042041765&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9f...
https://www.google.com/pagead/1p-conversion/779965559/?random=1287856254&cv=11&fst=1673042041765&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadser...
https://www.google.de/pagead/1p-conversion/779965559/?random=1287856254&cv=11&fst=1673042041765&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadserv...

42 B
64 B

25ms
24ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/779965559/?random=1287856254&cv=11&fst=1673042041765&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=2037552884.1673042042&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0tyZm5RWVFtOGpFMzRqaTR0TlhFaVlBVFhfTWFiemctR08weTh2LWpiZ0tScG83cnJKWXVoN2Zqal9zWV92RTB0MDdUcjlzaFEaWENoQUlnS3JmblFZUW5yT0o1b0RLbjhFR0VpNEFDRURVMjcza1RIcU05XzhhZTZCLTZPY0RORTNlckFOcnVPUnV5RXlVYjNzZjhFN2ZCclpkYmlWenpGSVg&is_vtc=1&ocp_id=eZi4Y5LZMofsxwKE8oLYBQ&cid=CAQSKQDq26N9gwj6YbkYaqkaZE3YWDmtXk_HWAWpCp4ljnpJ1WFc3FkcPdG9IBM&eitems=ChAIgKrfnQYQ3b3h1sKk-9I_Eh0AAVm9eSz1VlUoZlgiyF9_XRVHx3UZZ-aSiVq5zw&random=2824570186&ipr=y&prhg=0&ezwbk=AZuM4hAqHzEmguncNM8b9elG7CIx6DuAJ3tkddq1jk5zXnms6RDNeabyNgRdyaVbE9cWcVv1CamI6s88xef2utJcJb8t

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/779965559/?random=1287856254&cv=11&fst=1673042041765&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=2037552884.1673042042&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0tyZm5RWVFtOGpFMzRqaTR0TlhFaVlBVFhfTWFiemctR08weTh2LWpiZ0tScG83cnJKWXVoN2Zqal9zWV92RTB0MDdUcjlzaFEaWENoQUlnS3JmblFZUW5yT0o1b0RLbjhFR0VpNEFDRURVMjcza1RIcU05XzhhZTZCLTZPY0RORTNlckFOcnVPUnV5RXlVYjNzZjhFN2ZCclpkYmlWenpGSVg&is_vtc=1&ocp_id=eZi4Y5LZMofsxwKE8oLYBQ&cid=CAQSKQDq26N9gwj6YbkYaqkaZE3YWDmtXk_HWAWpCp4ljnpJ1WFc3FkcPdG9IBM&eitems=ChAIgKrfnQYQ3b3h1sKk-9I_Eh0AAVm9eSz1VlUoZlgiyF9_XRVHx3UZZ-aSiVq5zw&random=2824570186&ipr=y&prhg=0&ezwbk=AZuM4hAqHzEmguncNM8b9elG7CIx6DuAJ3tkddq1jk5zXnms6RDNeabyNgRdyaVbE9cWcVv1CamI6s88xef2utJcJb8t
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1070099938/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=1712692098&cv=11&fst=1673042041767&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbo...
https://www.google.com/pagead/1p-conversion/1070099938/?random=1712692098&cv=11&fst=1673042041767&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadse...
https://www.google.de/pagead/1p-conversion/1070099938/?random=1712692098&cv=11&fst=1673042041767&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadser...

42 B
64 B

27ms
26ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1070099938/?random=1712692098&cv=11&fst=1673042041767&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=2037552884.1673042042&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0tyZm5RWVFtOGpFMzRqaTR0TlhFaVlBVFhfTWFiemctR08weTh2LWpiZ0tScG83cnJKWXVoN2Zqal9zWV92RTB0MDdUcjlzaFEaWENoQUlnS3JmblFZUW5yT0o1b0RLbjhFR0VpNEFDRURVMjJOTmtralh6SXVmdGtiUkMxbk15QkgwYjV0RndDV0RWQWFvMTNfUjNHZWN6NXdiTXhsWk11UEo&is_vtc=1&ocp_id=eZi4Y4vbMtrh1gaIpayAAw&cid=CAQSKQDq26N99_1lGkSygFsz4nKQG3RfnsdaqexMYPRSQ4NvtnsfDwcPqbFnIBM&eitems=ChAIgKrfnQYQ3b3h1sKk-9I_Eh0AAVm9ecRAP6ARc0TMM5bWlVvDS4tkKwk1cPIApA&random=3336243522&ipr=y&prhg=0&ezwbk=AZuM4hDHsmUIscuQQE2rlGc4i81TtM_xOBeerE9vCEc17aT-HHKoj-ICRUrxeu41mLyrrbLC1QlD1F-khG5cKuCBtI8c

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1070099938/?random=1712692098&cv=11&fst=1673042041767&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=2037552884.1673042042&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0tyZm5RWVFtOGpFMzRqaTR0TlhFaVlBVFhfTWFiemctR08weTh2LWpiZ0tScG83cnJKWXVoN2Zqal9zWV92RTB0MDdUcjlzaFEaWENoQUlnS3JmblFZUW5yT0o1b0RLbjhFR0VpNEFDRURVMjJOTmtralh6SXVmdGtiUkMxbk15QkgwYjV0RndDV0RWQWFvMTNfUjNHZWN6NXdiTXhsWk11UEo&is_vtc=1&ocp_id=eZi4Y4vbMtrh1gaIpayAAw&cid=CAQSKQDq26N99_1lGkSygFsz4nKQG3RfnsdaqexMYPRSQ4NvtnsfDwcPqbFnIBM&eitems=ChAIgKrfnQYQ3b3h1sKk-9I_Eh0AAVm9ecRAP6ARc0TMM5bWlVvDS4tkKwk1cPIApA&random=3336243522&ipr=y&prhg=0&ezwbk=AZuM4hDHsmUIscuQQE2rlGc4i81TtM_xOBeerE9vCEc17aT-HHKoj-ICRUrxeu41mLyrrbLC1QlD1F-khG5cKuCBtI8c
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 38ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-63NN87E39V&gtm=2oe120&_p=1067407586&cid=459161034.1673042040&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673042042&sct=1&seg=0&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-63NN87E39V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5527522.js Show response
bat.bing.com/p/action/ 0
119 B 108ms
108ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5527522.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 06 Jan 2023 21:54:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 84B50CD5148C41AC976EC1B612378BA9 Ref B: FRA31EDGE0608 Ref C: 2023-01-06T21:54:02Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 35ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5527522&Ver=2&mid=a1e8e645-51ab-4f37-a372-0d2168a331f4&sid=a1b19ad08e0c11ed89ae4f809496bf71&vid=a1b1c8b08e0c11eda50eb30e36a14959&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&p=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329%23!%2Fdonation%2Fcheckout&r=&lt=1556&evt=pageLoad&sv=1&rn=420096

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 06 Jan 2023 21:54:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D8DAC2D7016E4A899FE4AE1506E1C5C7 Ref B: FRA31EDGE0608 Ref C: 2023-01-06T21:54:02Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1070099938/ 42 B
64 B 60ms
58ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1070099938/?random=1673042041763&cv=11&fst=1673038800000&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&fmt=3&is_vtc=1&random=3816182698&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1070099938/ 42 B
64 B 26ms
25ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1070099938/?random=1673042041763&cv=11&fst=1673038800000&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&fmt=3&is_vtc=1&random=3816182698&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CO317qT3s_wCFWtIHgIdMTkOcA;src=8977078;type=app_star;cat=donatest;ord=1;num=4028160918469;gtm=2wg120;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_me...
adservice.google.com/ddm/fls/z/ Frame B537 42 B
107 B 64ms
64ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CO317qT3s_wCFWtIHgIdMTkOcA;src=8977078;type=app_star;cat=donatest;ord=1;num=4028160918469;gtm=2wg120;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329

Requested by

Host: 8977078.fls.doubleclick.net
URL: https://8977078.fls.doubleclick.net/activityi;dc_pre=CO317qT3s_wCFWtIHgIdMTkOcA;src=8977078;type=app_star;cat=donatest;ord=1;num=4028160918469;gtm=2wg120;auiddc=2037552884.1673042042;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8977078.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 7CDF 0
127 B 309ms
309ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7CDF 0
127 B 306ms
306ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7CDF 0
127 B 484ms
484ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7CDF 0
127 B 306ms
306ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7CDF 0
127 B 480ms
480ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7CDF 0
127 B 484ms
483ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7CDF 0
127 B 478ms
478ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7CDF 0
127 B 305ms
304ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7CDF 0
127 B 476ms
476ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7CDF 0
127 B 483ms
482ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7CDF 0
127 B 476ms
476ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 rules-p--C-1BUzjxqyCQ.js Show response
rules.quantcount.com/ 7 KB
2 KB 110ms
28ms Script
application/javascript 2600:9000:206e:5000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p--C-1BUzjxqyCQ.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a8eae662e01a138b9efa50f109ae2a9205fc53a3262916727551470ac441e1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:01:27 GMT
content-encoding: gzip
via: 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 3156
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Sat, 30 Apr 2022 03:35:07 GMT
server: AmazonS3
etag: W/"e68d0e9c216771ac3c9b658393e29e79"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: KHRi0IOncFdY4WHVremZjzr69bgRH3R3Apzm9REVW6idqmKixzwcAA==

GET
H3 200 /
www.google.com/pagead/1p-user-list/970754387/ 42 B
64 B 58ms
57ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/970754387/?random=1673042041688&cv=11&fst=1673038800000&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&fmt=3&is_vtc=1&random=100451593&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/970754387/ 42 B
64 B 22ms
20ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/970754387/?random=1673042041688&cv=11&fst=1673038800000&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&fmt=3&is_vtc=1&random=100451593&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 7CDF 0
127 B 470ms
470ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7CDF 0
127 B 466ms
466ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aevGw.woff2
fonts.gstatic.com/s/mulish/v12/ Frame B6FF 11 KB
11 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aevGw.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad234f0985f2142bb1fa3a281ddf2511d320f84f73422df2b2384f115b4b9131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Origin: https://js.stripe.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 22:19:54 GMT
x-content-type-options: nosniff
age: 344048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11232
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:08:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 22:19:54 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 7CDF 0
127 B 459ms
459ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 1416 2 KB
2 KB 27ms
25ms Other
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 06 Jan 2023 21:54:02 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.b5ADj7MH5UQ.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame 1416 153 KB
54 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.b5ADj7MH5UQ.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrho8Uw9R8wwHkFsrU39GUcLOq4fQw/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29aa03b4fa5c9843f9d73837b3fda0aa83ada18c75c9390d56d447adee65f726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 17:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55247
x-xss-protection: 0
last-modified: Fri, 06 Jan 2023 05:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 17:12:45 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1070099938/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=1653915636&cv=11&fst=1673042041984&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbo...
https://www.google.com/pagead/1p-conversion/1070099938/?random=1653915636&cv=11&fst=1673042041984&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadse...
https://www.google.de/pagead/1p-conversion/1070099938/?random=1653915636&cv=11&fst=1673042041984&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadser...

42 B
64 B

48ms
48ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1070099938/?random=1653915636&cv=11&fst=1673042041984&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=2037552884.1673042042&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0tyZm5RWVFtOGpFMzRqaTR0TlhFaVlBVFhfTWFiemctR08weTh2LWpiZ0tScG83cnJKWXVoN2Zqal9zWV92RTB0MDdUcjlzaFEaWENoQUlnS3JmblFZUW5yT0o1b0RLbjhFR0VpNEFDRURVMjhpY0pDTGl5M0JDOV9OVEdrOU5CM19TSGkxNThYUmNXUEgyLWtVbkdyM0tDWUYxU1d6XzZHazA&is_vtc=1&ocp_id=epi4Y49qhaHXBq_RhcAO&cid=CAQSKQDq26N9Pt3QWpC4WNwjdQwYtryyyjahy4N2nF4Y8PwyNK3Z5mBoVcCiIBM&eitems=ChAIgKrfnQYQ3b3h1sKk-9I_Eh0AAVm9ebzyuBHlV8c03rGx06k8x1aYK3Qq6QXNqg&random=3222556992&ipr=y&prhg=0&ezwbk=AZuM4hBFjdf3a426wxwP8sjI6fwzYWfnTehbE1i33_aRPjUiUENjBQZn1XJnMY8NhnNDAiepvgNnITPoEQ6iE7QIThVG

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1070099938/?random=1653915636&cv=11&fst=1673042041984&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=2037552884.1673042042&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0tyZm5RWVFtOGpFMzRqaTR0TlhFaVlBVFhfTWFiemctR08weTh2LWpiZ0tScG83cnJKWXVoN2Zqal9zWV92RTB0MDdUcjlzaFEaWENoQUlnS3JmblFZUW5yT0o1b0RLbjhFR0VpNEFDRURVMjhpY0pDTGl5M0JDOV9OVEdrOU5CM19TSGkxNThYUmNXUEgyLWtVbkdyM0tDWUYxU1d6XzZHazA&is_vtc=1&ocp_id=epi4Y49qhaHXBq_RhcAO&cid=CAQSKQDq26N9Pt3QWpC4WNwjdQwYtryyyjahy4N2nF4Y8PwyNK3Z5mBoVcCiIBM&eitems=ChAIgKrfnQYQ3b3h1sKk-9I_Eh0AAVm9ebzyuBHlV8c03rGx06k8x1aYK3Qq6QXNqg&random=3222556992&ipr=y&prhg=0&ezwbk=AZuM4hBFjdf3a426wxwP8sjI6fwzYWfnTehbE1i33_aRPjUiUENjBQZn1XJnMY8NhnNDAiepvgNnITPoEQ6iE7QIThVG
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 7CDF 0
127 B 424ms
421ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame B79E 0
181 B 32ms
31ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=nvtufgc&ref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329%23!%2Fdonation%2Fcheckout&upid=r20lbgl&upv=1.1.0
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Fri, 06 Jan 2023 21:54:02 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
DATA 200
OK truncated
/ Frame 4269 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4269 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4269 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 19:40:09 GMT
x-content-type-options: nosniff
age: 94433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 12 Jan 2023 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4269 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 12:17:50 GMT
x-content-type-options: nosniff
age: 552972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 12:17:50 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 4269 102 B
134 B 17ms
17ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeRsvwcAAAAAAAGdWMknu7f4ewlEf_5YVOyxIqF&co=aHR0cHM6Ly9naXZlbm93Lmxscy5vcmc6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=frbgbmg6d7p8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 06 Jan 2023 21:54:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 25ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=489186234582967&ev=PageView&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329%23!%2Fdonation%2Fcheckout&rl=&if=false&ts=1673042042394&sw=1600&sh=1200&v=2.9.91&r=stable&ec=0&o=30&fbp=fb.1.1673042042387.418798823&eid=ob3_plugin-set_c434d4ebfb3bbdea4c941799fd81fd0813a18952716aa2b3c44f0d84b47b1158&it=1673042042142&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 06 Jan 2023 21:54:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 events Show response
capigw.lls.org/ 0
163 B 1021ms
98ms XHR
text/plain 54.174.170.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://capigw.lls.org/events

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.174.170.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://givenow.lls.org
date: Fri, 06 Jan 2023 21:54:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.b5ADj7MH5UQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_... Frame 1416 69 KB
25 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.b5ADj7MH5UQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_UCJhd8oY.L.B1.O/am=zAAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhFIxO8Cl7SRj4rBzjgB5Jhf2CMdg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.b5ADj7MH5UQ.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrho8Uw9R8wwHkFsrU39GUcLOq4fQw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00e2aa6844c7c059832d278a291b264dfcc87d3f66f42b482292723f8a29b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 17:13:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26066
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 06:32:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 17:13:37 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 227ms
227ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 pixel;r=2059251475;labels=_fp.event.Default;rf=0;a=p--C-1BUzjxqyCQ;url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_N...
pixel.quantserve.com/ 35 B
471 B 46ms
12ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2059251475;labels=_fp.event.Default;rf=0;a=p--C-1BUzjxqyCQ;url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329%23!%2Fdonation%2Fcheckout;uht=2;fpan=1;fpa=P0-1567758856-1673042042214;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230104143059;cm=;gdpr=0;ref=;d=lls.org;dst=0;et=1673042042493;tzo=0;ogl=site_name.Classy%2Ctype.website%2Curl.https%3A%2F%2Fgivenow%252Ells%252Eorg%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campai%2Cimage.https%3A%2F%2Fassets%252Eclassy%252Eorg%2F2978622%2Fc2c9cfe4-6ff6-11ed-8b59-0a0aba1c51f3%252Ejpg%2Cdescription.TODAY%20IS%20GIVINGTUESDAY%252E%20Donate%20today%20and%20your%20gift%20will%20be%20matched!%20Together%252C%20we%2Ctitle.Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society;ses=86433d9f-bde0-411a-9560-33f6a7991783

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=1915110340;labels=_fp.event.Masterbrand%20Donate%20start;event=refresh;rf=0;a=p--C-1BUzjxqyCQ;url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%2...
pixel.quantserve.com/ 35 B
471 B 45ms
12ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1915110340;labels=_fp.event.Masterbrand%20Donate%20start;event=refresh;rf=0;a=p--C-1BUzjxqyCQ;url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329%23!%2Fdonation%2Fcheckout;uht=2;fpan=1;fpa=P0-1567758856-1673042042214;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230104143059;cm=;gdpr=0;ref=;d=lls.org;dst=0;et=1673042042495;tzo=0;ogl=site_name.Classy%2Ctype.website%2Curl.https%3A%2F%2Fgivenow%252Ells%252Eorg%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campai%2Cimage.https%3A%2F%2Fassets%252Eclassy%252Eorg%2F2978622%2Fc2c9cfe4-6ff6-11ed-8b59-0a0aba1c51f3%252Ejpg%2Cdescription.TODAY%20IS%20GIVINGTUESDAY%252E%20Donate%20today%20and%20your%20gift%20will%20be%20matched!%20Together%252C%20we%2Ctitle.Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society;ses=86433d9f-bde0-411a-9560-33f6a7991783

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 4F71 6 KB
7 KB 113ms
112ms Document
text/html 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=gNPGuiDjTLWRufvvVCLeNg&dmt=3&ex-pl-n-g-hmt=Hrf-UiTBQU2cR8xfBWzoWg&ep=ttam_T219Ay-cPciHbT10sT78kxS-RraZkevV47z_d4KlwiCHj0DhcMTVZzMURfL0CvNeFPfCiSAL5V0nShA0h0GzmgVkeW0iXOMqXdRmCWdEwU9AQPKQEc9KawnawQLdEr5WRBSwuNaogHmqo9usxe1A3C2yHuWXtyhtHGH9VMVe_bMrOVTDYpYHWC2-8KotwB7i_dYcDPIJk36Qv2J0SyFBPfvNUBb1SD40QEY6dte7Rz5X6V_0rh8e7g_JQ5unAHQt4ED--o_CuoeNr-8ICnjTY_6HRraMnL94JJyRqlquqpOhi9WD77aN3vCmxSHWDip4Ft9FRQXt3Y7Z__wWTEVmOXvaWpLcn9UTD25qrTkuVjlDnvlAbnbNwlpmtcxbuCb_Y9eIoOQaoL_bAMGgjKVgTvOWGNAl7WK69aiHW70ZKIS4W_PKVChBcrnDBqjRdNYPO0Y4UQDsYFOMiZ5lz3xeK8UGF1Es3rQ5FMo3LB2FY_jdK8V6kB79qLsC4LMjmSv2aeBu5YpsX2mE-zLbYOOsGxiQ8MwbNmxMhZEJ9c9XQ9PTIqdWT5l4B95aDKA7-3ZoOpMXU9i91rx7OnpxkCimzpOndfV2neee64q2zk

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3DD69E3ACC-C6D4-0564-6CFA-50FDE3A78112&cb=572595888166258500&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

fbf7e88f503dfbf0bd4eeb018576fe0d6540cc66d53aeddfaad578cf9ede76b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3DD69E3ACC-C6D4-0564-6CFA-50FDE3A78112&cb=572595888166258500&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 6347
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 06 Jan 2023 21:54:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: T9058ESV578AS1SQT6QY

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame D8A4 7 KB
1 KB 20ms
18ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LeRsvwcAAAAAAAGdWMknu7f4ewlEf_5YVOyxIqF

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

47486b99a29a1210de4b9fc87657a43edbb95e47103c8a30ccf0d1461d4c2dce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RAwQ_bHPRA7DqDh9RJPYOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1119
content-security-policy: script-src 'report-sample' 'nonce-RAwQ_bHPRA7DqDh9RJPYOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 21:54:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame BA0A 6 KB
7 KB 108ms
107ms Document
text/html 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3D06787E10-5A17-6174-3CE8-F95746AEC685&cb=231886234244300000&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

5cbe3ceff38fa8806ce1ea4d5374c332e3d152f86b2cecf107f05393e5868adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3D06787E10-5A17-6174-3CE8-F95746AEC685&cb=231886234244300000&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 6347
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 06 Jan 2023 21:54:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: ZV8C0HCJAFFH2FKMMSQ2

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 183ms
182ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 182ms
182ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 1416 1 MB
353 KB 71ms
71ms XHR
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33a2b8f94982264fc80e8dfb7c774fab8938b6b625e6a85a6f27f3d8fbc56380

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YB3aAYCa6qdPb2XD_mtNbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:02 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-YB3aAYCa6qdPb2XD_mtNbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 06 Jan 2023 21:54:02 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 184ms
183ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.b5ADj7MH5UQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_... Frame 1416 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.b5ADj7MH5UQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_UCJhd8oY.L.B1.O/am=zAAg/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhFIxO8Cl7SRj4rBzjgB5Jhf2CMdg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2549d3cf5327ce2f205188d32d12ee496c71740e2a83e87da10fdcb6fff5bbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 17:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9228
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 06:32:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 17:13:38 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.b5ADj7MH5UQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_... Frame 1416 35 KB
13 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.b5ADj7MH5UQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_UCJhd8oY.L.B1.O/am=zAAg/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhFIxO8Cl7SRj4rBzjgB5Jhf2CMdg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ad4bee3774bc8a255d7c39a78c1eaa38e744195979ab495bd13962bc901f76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 17:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13482
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 06:32:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 17:21:06 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame D8A4 52 KB
52 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LeRsvwcAAAAAAAGdWMknu7f4ewlEf_5YVOyxIqF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 14:45:42 GMT
x-content-type-options: nosniff
age: 25700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52913
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 14:45:42 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame D8A4 407 KB
163 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LeRsvwcAAAAAAAGdWMknu7f4ewlEf_5YVOyxIqF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 21:41:40 GMT

POST
H3 200 log Show response
play.google.com/ Frame 1416 131 B
155 B 102ms
55ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 06 Jan 2023 21:54:03 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Jan 2023 21:54:03 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 827ms
53ms Preflight
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 06 Jan 2023 21:54:03 GMT
expires: Fri, 06 Jan 2023 21:54:03 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 1416 131 B
155 B 102ms
56ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 06 Jan 2023 21:54:03 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Jan 2023 21:54:03 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 826ms
53ms Preflight
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 06 Jan 2023 21:54:03 GMT
expires: Fri, 06 Jan 2023 21:54:03 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 1416 131 B
155 B 102ms
56ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 06 Jan 2023 21:54:03 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Jan 2023 21:54:03 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 825ms
54ms Preflight
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 06 Jan 2023 21:54:03 GMT
expires: Fri, 06 Jan 2023 21:54:03 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 1416 131 B
155 B 104ms
58ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 06 Jan 2023 21:54:03 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Jan 2023 21:54:03 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 822ms
54ms Preflight
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 06 Jan 2023 21:54:03 GMT
expires: Fri, 06 Jan 2023 21:54:03 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 1416 131 B
155 B 103ms
56ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 06 Jan 2023 21:54:03 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Jan 2023 21:54:03 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 821ms
55ms Preflight
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 06 Jan 2023 21:54:03 GMT
expires: Fri, 06 Jan 2023 21:54:03 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 1416 131 B
155 B 102ms
58ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 06 Jan 2023 21:54:03 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Jan 2023 21:54:03 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 811ms
55ms Preflight
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 06 Jan 2023 21:54:03 GMT
expires: Fri, 06 Jan 2023 21:54:03 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 182ms
181ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 182ms
181ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 log Show response
play.google.com/ Frame 1416 131 B
671 B 803ms
57ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 06 Jan 2023 21:54:03 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Jan 2023 21:54:03 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 183ms
183ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 182ms
182ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5DC7 0
127 B 184ms
183ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ddb793aa384a0b0966a616e030816f3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 06 Jan 2023 21:54:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 100ms
99ms Image
image/gif 3.232.171.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3288217024203670&v=5574879191511763&s=2961511614876450&b=web&tv=4.0&sp=us&sp=sfmc&sp=um&sp=email&sp=ua&sp=ThankYou_20230106_National&sp=ts&sp=1673042039822&sp=d&sp=givenow.lls.org&sp=h&sp=%2Fgive%2F342076%2F&sp=q&sp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=givenow.lls.org&pp=q&pp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DThankYou_20230106_National%26utm_id%3D329823%26sfmc_id%3D225423329&pp=h&pp=%2Fgive%2F342076%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=The%20Leukemia%20%26%20Lymphoma%20Society&pp=ts&pp=1673042039822&id0=3061873516444379&k0=environment&k0=prod&k0=organization_id&k0=33874&k0=campaign&k0=342076&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&k0=event_id&k0=1673042043.938668307461&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1673042042599&st=1673042042599

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.171.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

spcms.pbp.vip.ir2.yahoo.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 GooglePay-logo.svg
givenow.lls.org/static/global/images/digitalWallets/ 3 KB
1 KB 36ms
35ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givenow.lls.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 19:01:06 GMT
server: cloudflare
age: 1136549
etag: W/"639b6ef2-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7857b09e4e209b5d-FRA
expires: Sun, 24 Dec 2023 18:11:33 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9AF1 0
18 B 17ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://givenow.lls.org
Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://givenow.lls.org
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 21:54:03 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=j9c5Z-9pQQ-vApxY402dNw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3Dj9c5Z-9pQQ-vApxY402dNw%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=j9c5Z-9pQQ-vApxY402dNw

43 B
479 B

123ms
122ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=j9c5Z-9pQQ-vApxY402dNw

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=gNPGuiDjTLWRufvvVCLeNg&dmt=3&ex-pl-n-g-hmt=Hrf-UiTBQU2cR8xfBWzoWg&ep=ttam_T219Ay-cPciHbT10sT78kxS-RraZkevV47z_d4KlwiCHj0DhcMTVZzMURfL0CvNeFPfCiSAL5V0nShA0h0GzmgVkeW0iXOMqXdRmCWdEwU9AQPKQEc9KawnawQLdEr5WRBSwuNaogHmqo9usxe1A3C2yHuWXtyhtHGH9VMVe_bMrOVTDYpYHWC2-8KotwB7i_dYcDPIJk36Qv2J0SyFBPfvNUBb1SD40QEY6dte7Rz5X6V_0rh8e7g_JQ5unAHQt4ED--o_CuoeNr-8ICnjTY_6HRraMnL94JJyRqlquqpOhi9WD77aN3vCmxSHWDip4Ft9FRQXt3Y7Z__wWTEVmOXvaWpLcn9UTD25qrTkuVjlDnvlAbnbNwlpmtcxbuCb_Y9eIoOQaoL_bAMGgjKVgTvOWGNAl7WK69aiHW70ZKIS4W_PKVChBcrnDBqjRdNYPO0Y4UQDsYFOMiZ5lz3xeK8UGF1Es3rQ5FMo3LB2FY_jdK8V6kB79qLsC4LMjmSv2aeBu5YpsX2mE-zLbYOOsGxiQ8MwbNmxMhZEJ9c9XQ9PTIqdWT5l4B95aDKA7-3ZoOpMXU9i91rx7OnpxkCimzpOndfV2neee64q2zk

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PG0SM8Y3KMBWKEW2X5RR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 06 Jan 2023 21:54:03 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 852fb79a-9878-4ae1-88b8-606c9d56ba49
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=j9c5Z-9pQQ-vApxY402dNw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 4F71 43 B
163 B 99ms
16ms Image
image/gif 185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=f6wO01t-TVu2sIRfWz3lrw&redirurl=https://s.amazon-adsystem.com/ecm3?ex=equativHMT%26id%3D%26sspid%3DSMART_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=gNPGuiDjTLWRufvvVCLeNg&dmt=3&ex-pl-n-g-hmt=Hrf-UiTBQU2cR8xfBWzoWg&ep=ttam_T219Ay-cPciHbT10sT78kxS-RraZkevV47z_d4KlwiCHj0DhcMTVZzMURfL0CvNeFPfCiSAL5V0nShA0h0GzmgVkeW0iXOMqXdRmCWdEwU9AQPKQEc9KawnawQLdEr5WRBSwuNaogHmqo9usxe1A3C2yHuWXtyhtHGH9VMVe_bMrOVTDYpYHWC2-8KotwB7i_dYcDPIJk36Qv2J0SyFBPfvNUBb1SD40QEY6dte7Rz5X6V_0rh8e7g_JQ5unAHQt4ED--o_CuoeNr-8ICnjTY_6HRraMnL94JJyRqlquqpOhi9WD77aN3vCmxSHWDip4Ft9FRQXt3Y7Z__wWTEVmOXvaWpLcn9UTD25qrTkuVjlDnvlAbnbNwlpmtcxbuCb_Y9eIoOQaoL_bAMGgjKVgTvOWGNAl7WK69aiHW70ZKIS4W_PKVChBcrnDBqjRdNYPO0Y4UQDsYFOMiZ5lz3xeK8UGF1Es3rQ5FMo3LB2FY_jdK8V6kB79qLsC4LMjmSv2aeBu5YpsX2mE-zLbYOOsGxiQ8MwbNmxMhZEJ9c9XQ9PTIqdWT5l4B95aDKA7-3ZoOpMXU9i91rx7OnpxkCimzpOndfV2neee64q2zk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:03 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=216643104388004173541&ex=neustar.biz

43 B
479 B

107ms
107ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=216643104388004173541&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HNV13JW15NS2087PZ81R
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:03 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=216643104388004173541&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=QQ3IDBdpTYacId2KybnCxA&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=QQ3IDBdpTYacId2KybnCxA&C=1
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y7iYe2ffYTb1bwbo7.IQ7wAA

43 B
479 B

276ms
105ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y7iYe2ffYTb1bwbo7.IQ7wAA

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5MF8YG38KNAA86P7ZRJ1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y7iYe2ffYTb1bwbo7.IQ7wAA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=bea1ee2e06458b51c35cee6449a057a2

43 B
479 B

188ms
104ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=bea1ee2e06458b51c35cee6449a057a2

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RZDQ1GDCRHX2ECTPGXW2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=bea1ee2e06458b51c35cee6449a057a2
date: Fri, 06 Jan 2023 21:54:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

161ms
105ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2QTAFBXHZY7C8A4B57GR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Fri, 06 Jan 2023 21:54:03 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=drh4tDA5RBy2UDSyR6JMPA
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=drh4tDA5RBy2UDSyR6JMPA&verify=true
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=drh4tDA5RBy2UDSyR6JMPA

43 B
479 B

272ms
104ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=drh4tDA5RBy2UDSyR6JMPA

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: M65XS1AKCAXRZR2ZKPMH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=drh4tDA5RBy2UDSyR6JMPA
date: Fri, 06 Jan 2023 21:54:03 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=100d7882-a768-467d-a275-2a412892e40d

43 B
479 B

301ms
119ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=100d7882-a768-467d-a275-2a412892e40d

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RMB46K4RJ030KYR8YATG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=100d7882-a768-467d-a275-2a412892e40d
Date: Fri, 06 Jan 2023 21:54:03 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame 4F71 43 B
183 B 293ms
91ms Image
image/gif 2600:1f18:612b:4200:65a:5662:4522:c078
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=gNPGuiDjTLWRufvvVCLeNg&dmt=3&ex-pl-n-g-hmt=Hrf-UiTBQU2cR8xfBWzoWg&ep=ttam_T219Ay-cPciHbT10sT78kxS-RraZkevV47z_d4KlwiCHj0DhcMTVZzMURfL0CvNeFPfCiSAL5V0nShA0h0GzmgVkeW0iXOMqXdRmCWdEwU9AQPKQEc9KawnawQLdEr5WRBSwuNaogHmqo9usxe1A3C2yHuWXtyhtHGH9VMVe_bMrOVTDYpYHWC2-8KotwB7i_dYcDPIJk36Qv2J0SyFBPfvNUBb1SD40QEY6dte7Rz5X6V_0rh8e7g_JQ5unAHQt4ED--o_CuoeNr-8ICnjTY_6HRraMnL94JJyRqlquqpOhi9WD77aN3vCmxSHWDip4Ft9FRQXt3Y7Z__wWTEVmOXvaWpLcn9UTD25qrTkuVjlDnvlAbnbNwlpmtcxbuCb_Y9eIoOQaoL_bAMGgjKVgTvOWGNAl7WK69aiHW70ZKIS4W_PKVChBcrnDBqjRdNYPO0Y4UQDsYFOMiZ5lz3xeK8UGF1Es3rQ5FMo3LB2FY_jdK8V6kB79qLsC4LMjmSv2aeBu5YpsX2mE-zLbYOOsGxiQ8MwbNmxMhZEJ9c9XQ9PTIqdWT5l4B95aDKA7-3ZoOpMXU9i91rx7OnpxkCimzpOndfV2neee64q2zk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:65a:5662:4522:c078 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 06 Jan 2023 21:54:03 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 4F71 0
16 B 152ms
45ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:03 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0105.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=9a57883b9652f576c717cf463c88c&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

267ms
105ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=9a57883b9652f576c717cf463c88c&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6SWV5F3TGAZ9CARY4JBX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=9a57883b9652f576c717cf463c88c&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1673042043501030-368
Expires: Fri, 06 Jan 2023 21:54:03 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

150ms
102ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XHFM5QWFHHB26FNCE5KQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 06 Jan 2023 21:54:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=2JF935DARYKRVGJ4PEEN:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: 2JF935DARYKRVGJ4PEEN
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: JoMmvHsI5cXB0LRdpQz2kC4NFZ4mvoG3cu9zrx_UgoF9_ky0KS8Iug==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 4F71 0
338 B 829ms
31ms Image
text/plain 54.155.45.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=gNPGuiDjTLWRufvvVCLeNg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=gNPGuiDjTLWRufvvVCLeNg&dmt=3&ex-pl-n-g-hmt=Hrf-UiTBQU2cR8xfBWzoWg&ep=ttam_T219Ay-cPciHbT10sT78kxS-RraZkevV47z_d4KlwiCHj0DhcMTVZzMURfL0CvNeFPfCiSAL5V0nShA0h0GzmgVkeW0iXOMqXdRmCWdEwU9AQPKQEc9KawnawQLdEr5WRBSwuNaogHmqo9usxe1A3C2yHuWXtyhtHGH9VMVe_bMrOVTDYpYHWC2-8KotwB7i_dYcDPIJk36Qv2J0SyFBPfvNUBb1SD40QEY6dte7Rz5X6V_0rh8e7g_JQ5unAHQt4ED--o_CuoeNr-8ICnjTY_6HRraMnL94JJyRqlquqpOhi9WD77aN3vCmxSHWDip4Ft9FRQXt3Y7Z__wWTEVmOXvaWpLcn9UTD25qrTkuVjlDnvlAbnbNwlpmtcxbuCb_Y9eIoOQaoL_bAMGgjKVgTvOWGNAl7WK69aiHW70ZKIS4W_PKVChBcrnDBqjRdNYPO0Y4UQDsYFOMiZ5lz3xeK8UGF1Es3rQ5FMo3LB2FY_jdK8V6kB79qLsC4LMjmSv2aeBu5YpsX2mE-zLbYOOsGxiQ8MwbNmxMhZEJ9c9XQ9PTIqdWT5l4B95aDKA7-3ZoOpMXU9i91rx7OnpxkCimzpOndfV2neee64q2zk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.45.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-45-178.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n009-dub-prod.krxd.net
date: Fri, 06 Jan 2023 21:54:04 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1673042044
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://s.amazon-adsystem.com/ecm3?id=649c145b-9fb1-4d39-a5ba-1dd4bc575a91&ex=improvedigital.com

43 B
479 B

169ms
111ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=649c145b-9fb1-4d39-a5ba-1dd4bc575a91&ex=improvedigital.com

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4TK4JG3KZNE2D5MY4EZ0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=649c145b-9fb1-4d39-a5ba-1dd4bc575a91&ex=improvedigital.com
access-control-allow-origin: *
date: Fri, 06 Jan 2023 21:54:04 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame 4F71 0
263 B 891ms
98ms Image
text/plain 34.197.143.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=gNPGuiDjTLWRufvvVCLeNg&dmt=3&ex-pl-n-g-hmt=Hrf-UiTBQU2cR8xfBWzoWg&ep=ttam_T219Ay-cPciHbT10sT78kxS-RraZkevV47z_d4KlwiCHj0DhcMTVZzMURfL0CvNeFPfCiSAL5V0nShA0h0GzmgVkeW0iXOMqXdRmCWdEwU9AQPKQEc9KawnawQLdEr5WRBSwuNaogHmqo9usxe1A3C2yHuWXtyhtHGH9VMVe_bMrOVTDYpYHWC2-8KotwB7i_dYcDPIJk36Qv2J0SyFBPfvNUBb1SD40QEY6dte7Rz5X6V_0rh8e7g_JQ5unAHQt4ED--o_CuoeNr-8ICnjTY_6HRraMnL94JJyRqlquqpOhi9WD77aN3vCmxSHWDip4Ft9FRQXt3Y7Z__wWTEVmOXvaWpLcn9UTD25qrTkuVjlDnvlAbnbNwlpmtcxbuCb_Y9eIoOQaoL_bAMGgjKVgTvOWGNAl7WK69aiHW70ZKIS4W_PKVChBcrnDBqjRdNYPO0Y4UQDsYFOMiZ5lz3xeK8UGF1Es3rQ5FMo3LB2FY_jdK8V6kB79qLsC4LMjmSv2aeBu5YpsX2mE-zLbYOOsGxiQ8MwbNmxMhZEJ9c9XQ9PTIqdWT5l4B95aDKA7-3ZoOpMXU9i91rx7OnpxkCimzpOndfV2neee64q2zk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.143.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-143-35.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Server: nginx/1.20.0
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 4F71 0
121 B 685ms
22ms Image
text/plain 188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=BwitrLoXSfylMPaMj6ni5w&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT1&id=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-9w2fj
date: Fri, 06 Jan 2023 21:54:04 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=108f7e8870e7684a3

43 B
479 B

147ms
105ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=108f7e8870e7684a3

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PCDBB0FRRPDNJDC7A6CQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 06 Jan 2023 21:54:04 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=108f7e8870e7684a3
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_w_Xuyw9TP-vp1Ry7SzV6Q&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_w_Xuyw9TP-vp1Ry7SzV6Q

43 B
479 B

106ms
106ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_w_Xuyw9TP-vp1Ry7SzV6Q

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: M8X0NAR4GVK1QJY915R2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_w_Xuyw9TP-vp1Ry7SzV6Q
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=z9CYHl3NRtOZPpDP2Ltycg&redirectId=2545
https://s.amazon-adsystem.com/ecm3?id=9a57883b9652f576c717cf463c88c&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=z9CYHl3NRtOZPpDP2Ltycg

43 B
479 B

110ms
110ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=9a57883b9652f576c717cf463c88c&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=z9CYHl3NRtOZPpDP2Ltycg

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5Z64NFA5MKQ9ZJ7CDS2B
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=9a57883b9652f576c717cf463c88c&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=z9CYHl3NRtOZPpDP2Ltycg
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1673042043661086-391
Expires: Fri, 06 Jan 2023 21:54:03 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=NuMzbFHSRV-li9dUye0JqA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=NuMzbFHSRV-li9dUye0JqA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=68759795453490829272162014616671581646

43 B
479 B

220ms
116ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=68759795453490829272162014616671581646

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 93VRSC55WHRJA6B4AP64
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v045-0449b668e.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: F2eNKz9ZTRc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=68759795453490829272162014616671581646
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=R65LfLyMQhutEqPKcgcoSg
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10810468695687822049&gdpr=&gdpr_consent=

43 B
479 B

120ms
120ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10810468695687822049&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: V4S80BZFMF5FG44S7MVK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:04 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10810468695687822049&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame 4F71 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4159758543587229001

43 B
479 B

105ms
105ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4159758543587229001

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PYBBD2SSM7YTDGHHMVZ9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4159758543587229001
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=a30a2462-8e0c-11ed-b826-10ffbde80106
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=a30a240b-8e0c-11ed-b826-10ffbde80106

43 B
479 B

162ms
108ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=a30a240b-8e0c-11ed-b826-10ffbde80106

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H3SB31CGFT3Q42JAFH97
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 06 Jan 2023 21:54:04 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=a30a240b-8e0c-11ed-b826-10ffbde80106
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 116
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%224b4985db-fc35-48d8-be24-945abaec051c%22,%22Time%22:%2220230106T215404.457029%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=4b4985db-fc35-48d8-be24-945abaec051c

43 B
479 B

106ms
104ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=4b4985db-fc35-48d8-be24-945abaec051c

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SPDV6VP34JCK0410SAR0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=4b4985db-fc35-48d8-be24-945abaec051c
Server: LogModule 0.4
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEBIlx2QcC4qVYofuNdE0x3w&google_cver=1

43 B
479 B

143ms
105ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEBIlx2QcC4qVYofuNdE0x3w&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JTPFXW3RG95SQZ23AA41
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEBIlx2QcC4qVYofuNdE0x3w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame 4F71 20 B
20 B 391ms
98ms Image
text/plain 52.22.220.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=gNPGuiDjTLWRufvvVCLeNg&dmt=3&ex-pl-n-g-hmt=Hrf-UiTBQU2cR8xfBWzoWg&ep=ttam_T219Ay-cPciHbT10sT78kxS-RraZkevV47z_d4KlwiCHj0DhcMTVZzMURfL0CvNeFPfCiSAL5V0nShA0h0GzmgVkeW0iXOMqXdRmCWdEwU9AQPKQEc9KawnawQLdEr5WRBSwuNaogHmqo9usxe1A3C2yHuWXtyhtHGH9VMVe_bMrOVTDYpYHWC2-8KotwB7i_dYcDPIJk36Qv2J0SyFBPfvNUBb1SD40QEY6dte7Rz5X6V_0rh8e7g_JQ5unAHQt4ED--o_CuoeNr-8ICnjTY_6HRraMnL94JJyRqlquqpOhi9WD77aN3vCmxSHWDip4Ft9FRQXt3Y7Z__wWTEVmOXvaWpLcn9UTD25qrTkuVjlDnvlAbnbNwlpmtcxbuCb_Y9eIoOQaoL_bAMGgjKVgTvOWGNAl7WK69aiHW70ZKIS4W_PKVChBcrnDBqjRdNYPO0Y4UQDsYFOMiZ5lz3xeK8UGF1Es3rQ5FMo3LB2FY_jdK8V6kB79qLsC4LMjmSv2aeBu5YpsX2mE-zLbYOOsGxiQ8MwbNmxMhZEJ9c9XQ9PTIqdWT5l4B95aDKA7-3ZoOpMXU9i91rx7OnpxkCimzpOndfV2neee64q2zk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.220.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-220-75.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: usermatch-a014-ash-prod.krxd.net
date: Fri, 06 Jan 2023 21:54:04 GMT
content-type: text/plain; charset=utf-8
x-age: 0
content-length: 20
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=ae1c9a0497064bc0515af7e95d441437

43 B
479 B

182ms
110ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=ae1c9a0497064bc0515af7e95d441437

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 08G9X2VWR7AJXBRQVR4G
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=ae1c9a0497064bc0515af7e95d441437
date: Fri, 06 Jan 2023 21:54:04 GMT
via: 1.1 9c157874a076ffdde5f5a44c4371f3a0.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
content-length: 0
x-amz-cf-id: WYy66QXNjRTyWEJQWbAlBFpTTsS-fimtndGdzqqU5pc_d0imG-SNwQ==
x-cache: Miss from cloudfront

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 4F71 43 B
120 B 70ms
16ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=gNPGuiDjTLWRufvvVCLeNg&dmt=3&ex-pl-n-g-hmt=Hrf-UiTBQU2cR8xfBWzoWg&ep=ttam_T219Ay-cPciHbT10sT78kxS-RraZkevV47z_d4KlwiCHj0DhcMTVZzMURfL0CvNeFPfCiSAL5V0nShA0h0GzmgVkeW0iXOMqXdRmCWdEwU9AQPKQEc9KawnawQLdEr5WRBSwuNaogHmqo9usxe1A3C2yHuWXtyhtHGH9VMVe_bMrOVTDYpYHWC2-8KotwB7i_dYcDPIJk36Qv2J0SyFBPfvNUBb1SD40QEY6dte7Rz5X6V_0rh8e7g_JQ5unAHQt4ED--o_CuoeNr-8ICnjTY_6HRraMnL94JJyRqlquqpOhi9WD77aN3vCmxSHWDip4Ft9FRQXt3Y7Z__wWTEVmOXvaWpLcn9UTD25qrTkuVjlDnvlAbnbNwlpmtcxbuCb_Y9eIoOQaoL_bAMGgjKVgTvOWGNAl7WK69aiHW70ZKIS4W_PKVChBcrnDBqjRdNYPO0Y4UQDsYFOMiZ5lz3xeK8UGF1Es3rQ5FMo3LB2FY_jdK8V6kB79qLsC4LMjmSv2aeBu5YpsX2mE-zLbYOOsGxiQ8MwbNmxMhZEJ9c9XQ9PTIqdWT5l4B95aDKA7-3ZoOpMXU9i91rx7OnpxkCimzpOndfV2neee64q2zk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:04 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=KuqvSzfrK06FPUXclod-2jc4fOY4ZgAC

43 B
479 B

118ms
104ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=KuqvSzfrK06FPUXclod-2jc4fOY4ZgAC

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6ZF5AENE1CKKV2Q3403Y
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mplrLVU10iAv3JcnnFRAmoiMigOB%2BzP0C48bB3NP%2BLd%2BL3A%2FYJndwn7d%2Fb2sIfv9%2FMMl6SoJAwtxDvmY2VOkVmTQ2z5ovzfI6X2ov8BF1RC9TmXmRRaDmpt%2Foy7JG%2F281kyZR1MTQQoBgg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KuqvSzfrK06FPUXclod-2jc4fOY4ZgAC
cache-control: no-cache
cf-ray: 7857b0ab9d21917a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 xuid
eb2.3lift.com/ Frame 4F71 37 B
140 B 194ms
7ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=8341&xuid=hyRLLeMXQGeVT3NkRySXuA&dongle=az46
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=gNPGuiDjTLWRufvvVCLeNg&dmt=3&ex-pl-n-g-hmt=Hrf-UiTBQU2cR8xfBWzoWg&ep=ttam_T219Ay-cPciHbT10sT78kxS-RraZkevV47z_d4KlwiCHj0DhcMTVZzMURfL0CvNeFPfCiSAL5V0nShA0h0GzmgVkeW0iXOMqXdRmCWdEwU9AQPKQEc9KawnawQLdEr5WRBSwuNaogHmqo9usxe1A3C2yHuWXtyhtHGH9VMVe_bMrOVTDYpYHWC2-8KotwB7i_dYcDPIJk36Qv2J0SyFBPfvNUBb1SD40QEY6dte7Rz5X6V_0rh8e7g_JQ5unAHQt4ED--o_CuoeNr-8ICnjTY_6HRraMnL94JJyRqlquqpOhi9WD77aN3vCmxSHWDip4Ft9FRQXt3Y7Z__wWTEVmOXvaWpLcn9UTD25qrTkuVjlDnvlAbnbNwlpmtcxbuCb_Y9eIoOQaoL_bAMGgjKVgTvOWGNAl7WK69aiHW70ZKIS4W_PKVChBcrnDBqjRdNYPO0Y4UQDsYFOMiZ5lz3xeK8UGF1Es3rQ5FMo3LB2FY_jdK8V6kB79qLsC4LMjmSv2aeBu5YpsX2mE-zLbYOOsGxiQ8MwbNmxMhZEJ9c9XQ9PTIqdWT5l4B95aDKA7-3ZoOpMXU9i91rx7OnpxkCimzpOndfV2neee64q2zk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=3D034CC802C210A1

43 B
479 B

184ms
112ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=3D034CC802C210A1

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TFY9C93W0EPM8B3177EX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:08 GMT
frontend-id: 3
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=3D034CC802C210A1
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=7138640488935283442&ex=appnexus.com

43 B
479 B

178ms
112ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=7138640488935283442&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6GE6E773E4WFJSAP9RDS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 06 Jan 2023 21:54:04 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9c19626a-7b4a-45b5-96e2-7988f03b1188
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=7138640488935283442&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=QS5RIGkyRq6vX1K-oSUqlg&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%...
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=QS5RIGkyRq6vX1K-oSUqlg

43 B
479 B

148ms
107ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=QS5RIGkyRq6vX1K-oSUqlg

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8MCM4YJY7FGSD3VES81F
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=QS5RIGkyRq6vX1K-oSUqlg
date: Fri, 06 Jan 2023 21:54:04 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=q-lYM_eBe2VXETWmumbQQg&ex=rubiconproject.com&status=ok

43 B
479 B

108ms
105ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=q-lYM_eBe2VXETWmumbQQg&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Y947B1P2M79YPQRXSS9T
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=q-lYM_eBe2VXETWmumbQQg&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=Hrf-UiTBQU2cR8xfBWzoWg&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

103ms
102ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J8K0PJMWCF17KB1P25SW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadus.exelator.com/load/ Frame 4F71 0
324 B 3356ms
2015ms Image
text/plain 18.198.69.109

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=gNPGuiDjTLWRufvvVCLeNg&dmt=3&ex-pl-n-g-hmt=Hrf-UiTBQU2cR8xfBWzoWg&ep=ttam_T219Ay-cPciHbT10sT78kxS-RraZkevV47z_d4KlwiCHj0DhcMTVZzMURfL0CvNeFPfCiSAL5V0nShA0h0GzmgVkeW0iXOMqXdRmCWdEwU9AQPKQEc9KawnawQLdEr5WRBSwuNaogHmqo9usxe1A3C2yHuWXtyhtHGH9VMVe_bMrOVTDYpYHWC2-8KotwB7i_dYcDPIJk36Qv2J0SyFBPfvNUBb1SD40QEY6dte7Rz5X6V_0rh8e7g_JQ5unAHQt4ED--o_CuoeNr-8ICnjTY_6HRraMnL94JJyRqlquqpOhi9WD77aN3vCmxSHWDip4Ft9FRQXt3Y7Z__wWTEVmOXvaWpLcn9UTD25qrTkuVjlDnvlAbnbNwlpmtcxbuCb_Y9eIoOQaoL_bAMGgjKVgTvOWGNAl7WK69aiHW70ZKIS4W_PKVChBcrnDBqjRdNYPO0Y4UQDsYFOMiZ5lz3xeK8UGF1Es3rQ5FMo3LB2FY_jdK8V6kB79qLsC4LMjmSv2aeBu5YpsX2mE-zLbYOOsGxiQ8MwbNmxMhZEJ9c9XQ9PTIqdWT5l4B95aDKA7-3ZoOpMXU9i91rx7OnpxkCimzpOndfV2neee64q2zk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 -, , ASN (),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=2D1EC8687D98B8632A05926A0290D306

43 B
479 B

106ms
106ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=2D1EC8687D98B8632A05926A0290D306

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: X1K00ES7CN87D90EJXKX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 06 Jan 2023 21:54:05 GMT
Server: openresty/1.15.8.2
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=2D1EC8687D98B8632A05926A0290D306
Access-Control-Allow-Origin: https://www.homedepot.com
Access-Control-Expose-Headers: User-NDAT
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Connection: keep-alive
Content-Length: 151
Expires: Fri, 06 Jan 2023 21:54:04 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=9675b825e596dcbb2b7fb8c3e5a35970de10a639eae49afb02c7b46920cd0073

43 B
479 B

180ms
109ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=9675b825e596dcbb2b7fb8c3e5a35970de10a639eae49afb02c7b46920cd0073

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NSWN8ESG2RNGH0YJVBFA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:04 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=9675b825e596dcbb2b7fb8c3e5a35970de10a639eae49afb02c7b46920cd0073
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=2AB4A885-FB64-43E3-86FB-6C827D235BA0

43 B
479 B

177ms
110ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=2AB4A885-FB64-43E3-86FB-6C827D235BA0

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AXMXRXF4H3X60SDPX79C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=2AB4A885-FB64-43E3-86FB-6C827D235BA0
date: Fri, 06 Jan 2023 21:54:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4F71
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=495fc65c-b759-4ec5-9e21-3d53fbe5de42-tuctab21dfd

43 B
479 B

110ms
109ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=495fc65c-b759-4ec5-9e21-3d53fbe5de42-tuctab21dfd

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KBA34WEJAEX8ZM6CBNW1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=495fc65c-b759-4ec5-9e21-3d53fbe5de42-tuctab21dfd
date: Fri, 06 Jan 2023 21:54:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12191

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=qM2GgdwOTc-27_SCR8_5OA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DqM2GgdwOTc-27_SCR8_5OA%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=qM2GgdwOTc-27_SCR8_5OA

43 B
479 B

198ms
109ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=qM2GgdwOTc-27_SCR8_5OA

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VS7NRD8DRQVBFGW04MKR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 06 Jan 2023 21:54:03 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 851a3aa1-1da1-414c-91b8-be7edf105000
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=qM2GgdwOTc-27_SCR8_5OA
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame BA0A 43 B
163 B 89ms
20ms Image
image/gif 185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=jdI6tliSSEm3Twm5rKRfHQ&redirurl=https://s.amazon-adsystem.com/ecm3?ex=equativHMT%26id%3D%26sspid%3DSMART_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:03 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=217293104388004174795&ex=neustar.biz

43 B
479 B

106ms
106ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=217293104388004174795&ex=neustar.biz

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: REJRW88B00HFN1CFX4C4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:03 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=217293104388004174795&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=tw6YeTIUSP-sXKm64aw-tg&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=tw6YeTIUSP-sXKm64aw-tg&C=1
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y7iYe2ffYTb1bwbo7.IQ7wAA

43 B
479 B

261ms
105ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y7iYe2ffYTb1bwbo7.IQ7wAA

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MFM51JV8KGC740NCE53P
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y7iYe2ffYTb1bwbo7.IQ7wAA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=bea1ee2e06458b51c35cee6449a057a2

43 B
479 B

210ms
106ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=bea1ee2e06458b51c35cee6449a057a2

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2AKA5SC5GNGBA2282D32
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=bea1ee2e06458b51c35cee6449a057a2
date: Fri, 06 Jan 2023 21:54:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

160ms
108ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: V5RZCFTXKW4PJR549PDC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Fri, 06 Jan 2023 21:54:03 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=qzXXB6ZGSoKvuyh-rM_dEg
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=qzXXB6ZGSoKvuyh-rM_dEg&verify=true
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=qzXXB6ZGSoKvuyh-rM_dEg

43 B
479 B

286ms
116ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=qzXXB6ZGSoKvuyh-rM_dEg

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WXXW5NF9SFA03GAZY5JK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=qzXXB6ZGSoKvuyh-rM_dEg
date: Fri, 06 Jan 2023 21:54:03 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=100d7882-a768-467d-a275-2a412892e40d

43 B
479 B

292ms
109ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=100d7882-a768-467d-a275-2a412892e40d

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NKSNHMQJ60129R37P1RC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=100d7882-a768-467d-a275-2a412892e40d
Date: Fri, 06 Jan 2023 21:54:03 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame BA0A 43 B
182 B 281ms
92ms Image
image/gif 2600:1f18:612b:4200:65a:5662:4522:c078
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:65a:5662:4522:c078 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 06 Jan 2023 21:54:03 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame BA0A 0
123 B 138ms
45ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spcms.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:03 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0105.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=8a8caf9aad1e450cc56c3fc44784438&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

277ms
106ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=8a8caf9aad1e450cc56c3fc44784438&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 37P86SQGXXQDP9BWA46P
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=8a8caf9aad1e450cc56c3fc44784438&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1673042043465067-579
Expires: Fri, 06 Jan 2023 21:54:03 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

146ms
101ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2MHJV2H8YY771FXW0EGC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 06 Jan 2023 21:54:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=V9TW7FB97ZD4SZZM2MB2:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: V9TW7FB97ZD4SZZM2MB2
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: TOsCZXMH3v3prV0yPluScTk6zVwfB32QUDu2Xs6WJJWzsney6LkyGQ==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame BA0A 0
337 B 831ms
32ms Image
text/plain 54.155.45.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=FRa6HtV1TtaLRcLp9Vqucg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.45.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-45-178.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n002-dub-prod.krxd.net
date: Fri, 06 Jan 2023 21:54:04 GMT
cache-control: private, no-cache, no-store
x-request-time: D=43 t=1673042044
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://s.amazon-adsystem.com/ecm3?id=649c145b-9fb1-4d39-a5ba-1dd4bc575a91&ex=improvedigital.com

43 B
479 B

166ms
108ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=649c145b-9fb1-4d39-a5ba-1dd4bc575a91&ex=improvedigital.com

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CGBG7YY0MPR3JFVCWMYD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=649c145b-9fb1-4d39-a5ba-1dd4bc575a91&ex=improvedigital.com
access-control-allow-origin: *
date: Fri, 06 Jan 2023 21:54:04 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame BA0A 0
263 B 872ms
101ms Image
text/plain 34.197.143.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.143.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-143-35.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Server: nginx/1.20.0
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame BA0A 0
122 B 684ms
21ms Image
text/plain 188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=jiI9hFB9TjyDCn7s1axEfg&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT1&id=

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-9w2fj
date: Fri, 06 Jan 2023 21:54:04 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=108f7e8870f54a9c1

43 B
479 B

155ms
114ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=108f7e8870f54a9c1

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Q6KXPT39VW17B969V5V3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 06 Jan 2023 21:54:04 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=108f7e8870f54a9c1
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TxwjPwSaTUm6tA8MY9ZyJA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TxwjPwSaTUm6tA8MY9ZyJA

43 B
479 B

105ms
105ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TxwjPwSaTUm6tA8MY9ZyJA

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EA53TEX5PRW2TMGPABDY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TxwjPwSaTUm6tA8MY9ZyJA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=ACFIgt2kTQS91eqO8uckjg&redirectId=2545
https://s.amazon-adsystem.com/ecm3?id=9a57883b9652f576c717cf463c88c&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=ACFIgt2kTQS91eqO8uckjg

43 B
479 B

108ms
108ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=9a57883b9652f576c717cf463c88c&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=ACFIgt2kTQS91eqO8uckjg

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2P3BQ2MAHGRRC4YN2NM3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:03 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=9a57883b9652f576c717cf463c88c&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=ACFIgt2kTQS91eqO8uckjg
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1673042043665088-564
Expires: Fri, 06 Jan 2023 21:54:03 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=BGbeJ4x5SviuZaNsXQ9JsQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=BGbeJ4x5SviuZaNsXQ9JsQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=10130620350127968431254472599299687230

43 B
479 B

107ms
107ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=10130620350127968431254472599299687230

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ATD0GNNCXPS17N4Y462T
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v045-00c503e2b.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: yVSpaglBR2M=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=10130620350127968431254472599299687230
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=YigD3SuATsGkvcCE_XlVhQ
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10814972294704124534&gdpr=&gdpr_consent=

43 B
479 B

107ms
106ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10814972294704124534&gdpr=&gdpr_consent=

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1DK1EAAFN8TT6TTMGZT1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:04 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10814972294704124534&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame BA0A 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=8911594852075945587

43 B
479 B

110ms
109ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=8911594852075945587

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FBXYM4VJMZN64EKR1037
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=8911594852075945587
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=a3098026-8e0c-11ed-b7fc-17f3d7a10506
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=a3097fc9-8e0c-11ed-b7fc-17f3d7a10506

43 B
479 B

164ms
107ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=a3097fc9-8e0c-11ed-b7fc-17f3d7a10506

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RYZ66TVT7VM9J43M3B76
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 06 Jan 2023 21:54:04 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=a3097fc9-8e0c-11ed-b7fc-17f3d7a10506
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 63
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22e1591583-d9e4-4039-9807-4abd7efe300e%22,%22Time%22:%2220230106T215404.458523%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=4b4985db-fc35-48d8-be24-945abaec051c

43 B
479 B

117ms
108ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=4b4985db-fc35-48d8-be24-945abaec051c

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GKHJAF6F431C21WCMBGB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=4b4985db-fc35-48d8-be24-945abaec051c
Server: LogModule 0.4
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEBIlx2QcC4qVYofuNdE0x3w&google_cver=1

43 B
479 B

157ms
113ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEBIlx2QcC4qVYofuNdE0x3w&google_cver=1

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SPZSPC0SZ24HFXZ2HBN1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEBIlx2QcC4qVYofuNdE0x3w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame BA0A 20 B
20 B 393ms
99ms Image
text/plain 52.22.220.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.220.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-220-75.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: usermatch-a015-ash-prod.krxd.net
date: Fri, 06 Jan 2023 21:54:04 GMT
content-type: text/plain; charset=utf-8
x-age: 0
content-length: 20
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=ccaaf5b9f936f34f770a2aff84167946

43 B
479 B

173ms
107ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=ccaaf5b9f936f34f770a2aff84167946

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 16R7MA1XZWSA8Y6T1PTS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=ccaaf5b9f936f34f770a2aff84167946
date: Fri, 06 Jan 2023 21:54:04 GMT
via: 1.1 9c157874a076ffdde5f5a44c4371f3a0.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
content-length: 0
x-amz-cf-id: kvFr-RNUpiDD10-7rhyNx69ViZqoH9c9GAk57QBsent5f6HUIRK6lg==
x-cache: Miss from cloudfront

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame BA0A 43 B
304 B 68ms
15ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:04 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=KuqvSzfrK06FPUXclod-2jc4fOY4ZgAC

43 B
479 B

148ms
104ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=KuqvSzfrK06FPUXclod-2jc4fOY4ZgAC

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YDDD2F4PRBXR2S9J73EE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hHr%2BQi%2Bf8a%2FoDv8t67zti8iqLfVh%2BrnTqwzAgwImDtkzWNXA0LiIHseMwCZRDDMMxy3yIlXCITmKi0fVJjhTldScujHb3K1%2FfhtwrR9cuGKTKcEYHtrohpEvLEK2jIhKspnP0TJI2UYEg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KuqvSzfrK06FPUXclod-2jc4fOY4ZgAC
cache-control: no-cache
cf-ray: 7857b0ab9d1c917a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 xuid
eb2.3lift.com/ Frame BA0A 37 B
139 B 193ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=8341&xuid=De__j93ZTSusmX3HT0N6pw&dongle=az46
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=3D034CC802C210A1

43 B
479 B

190ms
110ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=3D034CC802C210A1

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4Q0R7ZP729W980SKCBJ5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:08 GMT
frontend-id: 3
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=3D034CC802C210A1
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=7138640488935283442&ex=appnexus.com

43 B
479 B

168ms
105ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=7138640488935283442&ex=appnexus.com

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: W9TBQXHBZX9XFPYTN5S7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 06 Jan 2023 21:54:04 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: cc465b74-fb50-4191-a8f3-49d2eac7c9e8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=7138640488935283442&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=hE0w27S4SC6-hrbtAva_Ww&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%...
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=hE0w27S4SC6-hrbtAva_Ww

43 B
479 B

121ms
103ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=hE0w27S4SC6-hrbtAva_Ww

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Y8WTAKJFDCDB7X8KK42M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=hE0w27S4SC6-hrbtAva_Ww
date: Fri, 06 Jan 2023 21:54:04 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=3ogNW9S9Y3U-FIvkwGLwaA&ex=rubiconproject.com&status=ok

43 B
479 B

117ms
111ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=3ogNW9S9Y3U-FIvkwGLwaA&ex=rubiconproject.com&status=ok

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 38YFVRW15NXY0XNBMZN7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=3ogNW9S9Y3U-FIvkwGLwaA&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=Rm8HOrRlThqUaaxEzUB32w&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

102ms
102ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GD9EC13DBCEVYXWKHAPV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadus.exelator.com/load/ Frame BA0A 0
324 B 3354ms
2016ms Image
text/plain 18.198.69.109

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 -, , ASN (),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 21:54:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=2D1EC8687D98B863D804A66202510503

43 B
479 B

105ms
105ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=2D1EC8687D98B863D804A66202510503

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4QKZV08F3GP3KY7185PR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 06 Jan 2023 21:54:05 GMT
Server: openresty/1.15.8.2
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=2D1EC8687D98B863D804A66202510503
Access-Control-Allow-Origin: https://www.homedepot.com
Access-Control-Expose-Headers: User-NDAT
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Connection: keep-alive
Content-Length: 151
Expires: Fri, 06 Jan 2023 21:54:04 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=9675b825e596dcbb2b7fb8c3e5a35970de10a639eae49afb02c7b46920cd0073

43 B
479 B

173ms
104ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=9675b825e596dcbb2b7fb8c3e5a35970de10a639eae49afb02c7b46920cd0073

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JX82KQNZ0PZGZ787YJNQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 21:54:04 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=9675b825e596dcbb2b7fb8c3e5a35970de10a639eae49afb02c7b46920cd0073
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=DDECCB36-8099-4B00-907A-15719DD1D192

43 B
479 B

180ms
115ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=DDECCB36-8099-4B00-907A-15719DD1D192

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6PP73D82CG39NCMW553S
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=DDECCB36-8099-4B00-907A-15719DD1D192
date: Fri, 06 Jan 2023 21:54:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BA0A
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=5754ff86-f0e3-48bf-8aa1-3a2b5838f149-tuctab21dfd

43 B
479 B

111ms
110ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=5754ff86-f0e3-48bf-8aa1-3a2b5838f149-tuctab21dfd

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=FRa6HtV1TtaLRcLp9Vqucg&dmt=3&ex-pl-n-g-hmt=Rm8HOrRlThqUaaxEzUB32w&ep=ttam_T219Ay-cPciHbT10lC64S5FSoLitw6CrlWfZFJ1vWlRDcau2GEjc_xgsP2YKah3O8oMMYpzoTJw-90C2F2fSE5sKbatD2zP_YoFZlZOLGk_VAw0WZEwFTZ3SvLC47Uy6o8Syo02aFagLRuH949J1rcaqucV-NoK_07InAvGLi0Bi-pJ1hADugESBIGpayw7K_3Ad5CaU6_6hea74CyFBPfvNUBb1SD40QEY6dusqJ4WMuIZaDdcB8uX1r4lD0WAaDyLygRKmsANvel2ZNuNUfTwLfq4hXFMq4f_38EzvMhof9YWkC55_1goMkW3WDip4Ft9FRQXt3Y7Z__wWVOr_n4o4ZPlTjeCnyL45P42rQtHGbyXxCQReGwCPim8YtIF4FuTWTSUg4rdM-XokLFQpvVQtncdoaGxws8hW4sowgC60Xc8c5K77X83NkEJD6LOubdyFxdAvznsjtj7icIIPnn_CuIKJfBW4CxhVCh2FY_jdK8V6kB79qLsC4LMMGDSVWDR-wkuWtsOfosNL-9EdcN6JJGqYWqLuphSaGy634lSGu1ZeTLHHEq-WTBRp0d7OAgzntgaEJTBMZY7_IlmySvbMiSzw-1CieYIW5o

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 21:54:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9VTRYSMFSCJJCWZ6Y8YE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=5754ff86-f0e3-48bf-8aa1-3a2b5838f149-tuctab21dfd
date: Fri, 06 Jan 2023 21:54:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12191

POST
H/1.1 200
OK 67fe2a1b26 Show response
bam.nr-data.net/events/1/ 24 B
403 B 239ms
239ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/67fe2a1b26?a=363721230&v=1220.PROD&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=5745&ck=0&s=6d4653919dcf37f9&ref=https://givenow.lls.org/give/342076/
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 06 Jan 2023 21:54:03 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://givenow.lls.org
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7857b0a36b5a9235-FRA
Content-Length: 24

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ 295 B
795 B 21ms
21ms Script
text/javascript 99.86.240.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=ThankYou_20230106_National&utm_id=329823&sfmc_id=225423329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS