turnanewleaf.org Open in urlscan Pro
141.193.213.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.anewleaftaxcredit.org/
Effective URL:
https://turnanewleaf.org/donate/
Submission: On September 25 via automatic, source certstream-suspicious (September 25th 2024, 9:34:23 am UTC) — Scanned from DE

Summary HTTP 93 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 17 domains to perform 93 HTTP transactions. The main IP is 141.193.213.11, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is turnanewleaf.org.
TLS certificate: Issued by E6 on September 8th 2024. Valid for: 3 months.

This is the only time turnanewleaf.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.225.128 15.197.225.128	16509 (AMAZON-02) (AMAZON-02)
1 41	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	172.67.39.148 172.67.39.148	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1 3	23.21.33.87 23.21.33.87	14618 (AMAZON-AES) (AMAZON-AES)
3	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
22	104.26.4.251 104.26.4.251	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
3	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:15::213:7e4a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1 1	216.239.32.21 216.239.32.21	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::15	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
93	18

1 15.197.225.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

www.anewleaftaxcredit.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 141.193.213.11 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.turnanewleaf.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
turnanewleaf.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.39.148 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.21.33.87 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-33-87.compute-1.amazonaws.com

app.dafwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.26.4.251 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

fndrsp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:15::213:7e4a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.21 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net

jelly.mdhv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)

jelly-v6.mdhv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	turnanewleaf.org 1 redirects www.turnanewleaf.org turnanewleaf.org	438 KB
22	fundraiseup.com cdn.fundraiseup.com — Cisco Umbrella Rank: 31579 static.fundraiseup.com — Cisco Umbrella Rank: 29949	854 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 358 px4.ads.linkedin.com — Cisco Umbrella Rank: 6989	2 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 112	5 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	343 KB
3	fndrsp.net fndrsp.net — Cisco Umbrella Rank: 28476	1 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 196	76 KB
3	dafwidget.com 1 redirects app.dafwidget.com	4 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4780	28 KB
2	mdhv.io 1 redirects jelly.mdhv.io — Cisco Umbrella Rank: 8085 jelly-v6.mdhv.io — Cisco Umbrella Rank: 13066	634 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	21 KB
2	gstatic.com fonts.gstatic.com	49 KB
1	google.de www.google.de — Cisco Umbrella Rank: 9833	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 152	255 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4111
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 906	14 KB
1	anewleaftaxcredit.org 1 redirects www.anewleaftaxcredit.org	326 B
93	17

	Domain	Requested by
40	turnanewleaf.org	turnanewleaf.org
21	static.fundraiseup.com	turnanewleaf.org cdn.fundraiseup.com static.fundraiseup.com
4	www.facebook.com	turnanewleaf.org
4	www.googletagmanager.com	turnanewleaf.org www.googletagmanager.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	fndrsp.net	cdn.fundraiseup.com
3	connect.facebook.net	turnanewleaf.org connect.facebook.net
3	app.dafwidget.com	1 redirects turnanewleaf.org app.dafwidget.com
3	static.addtoany.com	turnanewleaf.org static.addtoany.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	turnanewleaf.org
1	px4.ads.linkedin.com	turnanewleaf.org
1	www.google.de	turnanewleaf.org
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	jelly-v6.mdhv.io	turnanewleaf.org
1	jelly.mdhv.io	1 redirects
1	snap.licdn.com	turnanewleaf.org
1	cdn.fundraiseup.com	turnanewleaf.org
1	www.turnanewleaf.org	1 redirects
1	www.anewleaftaxcredit.org	1 redirects
93	21

This site contains links to these domains. Also see Links.

Domain
www.bonfire.com
www.freewill.com
anewleaf.mygiftlegacy.org
dafwidget.com
www.facebook.com
www.instagram.com
twitter.com
www.linkedin.com
www.glassdoor.com
us60.dayforcehcm.com

Subject Issuer	Validity	Valid
turnanewleaf.org E6	`2024-09-08` - `2024-12-07`	3 months	crt.sh
static.addtoany.com WE1	`2024-09-05` - `2024-12-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-04` - `2024-10-02`	3 months	crt.sh
fundraiseup.com E5	`2024-08-15` - `2024-11-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.imarketsmart.com Amazon RSA 2048 M03	`2023-12-26` - `2025-01-24`	a year	crt.sh
fndrsp.net Cloudflare Inc ECC CA-3	`2024-02-21` - `2024-12-31`	10 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.de WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-09-11` - `2025-03-11`	6 months	crt.sh

This page contains 3 frames:

Primary Page: https://turnanewleaf.org/donate/
Frame ID: A7E7B72A01F64993B3EB8138C69F534F
Requests: 93 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: FC197539C5585062C579A4809C6DF0A6
Requests: 1 HTTP requests in this frame

Frame: https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibmplexsans-v19-600.woff2
Frame ID: BB442FF1DE536FEAF30D8A2748BCA3C5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate To A New Leaf | End Homelessness & Domestic Violence

Page URL History Show full URLs

https://www.anewleaftaxcredit.org/ HTTP 301
http://www.turnanewleaf.org/donate_now HTTP 307
https://www.turnanewleaf.org/donate_now HTTP 301
https://turnanewleaf.org/donate/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

93
Requests

97 %
HTTPS

42 %
IPv6

17
Domains

21
Subdomains

18
IPs

5
Countries

1834 kB
Transfer

5774 kB
Size

12
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bonfire.com/store/a-new-leafs-swag-store/
Title: Store

Search URL Search Domain Scan URL

URL: https://www.freewill.com/smartgiving/turnanewleaf
Title: Donate Assets

Search URL Search Domain Scan URL

URL: https://anewleaf.mygiftlegacy.org/
Title: Gift Planning

Search URL Search Domain Scan URL

URL: https://dafwidget.com/terms-and-privacy-policy/
Title: Terms of Service and Privacy Policy

Search URL Search Domain Scan URL

URL: https://dafwidget.com/add-a-new-fund-to-the-dafwidget/
Title: Don't see your fund? Let us know.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/anewleaf
Title: <img loading="lazy" decoding="async" src="https://turnanewleaf.org/wp-content/uploads/2020/11/facebook-icon.png" width="46" height="46" class="wp-image-4665 alignnone size-full" alt="A New Leaf Facebook" no-resize-detection no-resize-detection no-resize-detection no-resize-detection no-resize-detection no-resize-detection no-resize-detection />

Search URL Search Domain Scan URL

URL: https://www.instagram.com/anewleafaz/
Title: <img loading="lazy" decoding="async" src="https://turnanewleaf.org/wp-content/uploads/2020/11/instagram-icon.png" width="46" height="46" class="wp-image-4667 alignnone size-full" alt="A New Leaf Instagram" no-resize-detection no-resize-detection no-resize-detection no-resize-detection no-resize-detection no-resize-detection no-resize-detection />

Search URL Search Domain Scan URL

URL: https://twitter.com/ANewLeafAZ
Title: <img loading="lazy" decoding="async" src="https://turnanewleaf.org/wp-content/uploads/2020/11/twitter-icon.png" width="46" height="46" class="wp-image-4669 alignnone size-full" alt="A New Leaf Twitter" no-resize-detection no-resize-detection no-resize-detection no-resize-detection no-resize-detection no-resize-detection no-resize-detection />

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/a-new-leaf
Title: <img loading="lazy" decoding="async" src="https://turnanewleaf.org/wp-content/uploads/2020/11/linkedin-icon.png" width="46" height="46" class="wp-image-4668 alignnone size-full" alt="A New Leaf LinkedIn" no-resize-detection no-resize-detection no-resize-detection no-resize-detection no-resize-detection no-resize-detection no-resize-detection />

Search URL Search Domain Scan URL

URL: https://www.glassdoor.com/Overview/Working-at-A-New-Leaf-EI_IE314196.11,21.htm
Title: <img loading="lazy" decoding="async" src="https://turnanewleaf.org/wp-content/uploads/2020/11/glassdoor-icon.png" width="46" height="46" class="wp-image-4666 alignnone size-full" alt="A New Leaf Glassdoor" no-resize-detection no-resize-detection no-resize-detection no-resize-detection no-resize-detection no-resize-detection no-resize-detection />

Search URL Search Domain Scan URL

URL: https://us60.dayforcehcm.com/CandidatePortal/en-US/leaf
Title: Careers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.anewleaftaxcredit.org/ HTTP 301
http://www.turnanewleaf.org/donate_now HTTP 307
https://www.turnanewleaf.org/donate_now HTTP 301
https://turnanewleaf.org/donate/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://app.dafwidget.com/api/js/source.js HTTP 301
https://app.dafwidget.com/public/embed.js

Request Chain 69

https://jelly.mdhv.io/v1/star.gif?pid=BHDogF15lMmQciD2vqW1f7KZZBQO&src=mh&evt=hi HTTP 307
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=BHDogF15lMmQciD2vqW1f7KZZBQO&src=mh&tx=81e92d87-c954-4754-8cd5-eb2deece419d

Request Chain 87

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4325708&time=1727256858440&url=https%3A%2F%2Fturnanewleaf.org%2Fdonate%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4325708&time=1727256858440&url=https%3A%2F%2Fturnanewleaf.org%2Fdonate%2F&e_ipv6=AQIsPdwRylrRNwAAAZIoiA_5wxEwE1gQ07LAc1b4e1BIna7eccIj4eI9DAKl9ypGXDKeT2o

93 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
turnanewleaf.org/donate/
Redirect Chain

https://www.anewleaftaxcredit.org/
http://www.turnanewleaf.org/donate_now
https://www.turnanewleaf.org/donate_now
https://turnanewleaf.org/donate/

141 KB
26 KB

776ms
672ms

Document
text/html

141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 72c5a762c06b80d7803bda03b4ed6304fe51c1484b70bad0cb873881ae1bb8d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8c8a047b4ee544fe-TXL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 25 Sep 2024 09:34:17 GMT
link: <https://turnanewleaf.org/wp-json/>; rel="https://api.w.org/" <https://turnanewleaf.org/wp-json/wp/v2/pages/5500>; rel="alternate"; title="JSON"; type="application/json" <https://turnanewleaf.org/?p=5500>; rel=shortlink
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8c8a0475cea358f6-TXL
content-type: text/html; charset=UTF-8
date: Wed, 25 Sep 2024 09:34:16 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://turnanewleaf.org/donate/
server: cloudflare
x-cache: MISS
x-cache-group: normal
x-cacheable: non200
x-orig-cache-control: no-cache, must-revalidate, max-age=0
x-powered-by: WP Engine
x-redirect-by: Rank Math

GET
H2 200 uaf.css
turnanewleaf.org/wp-content/uploads/useanyfont/ 3 KB
451 B 93ms
89ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/uploads/useanyfont/uaf.css?ver=1726569140
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8f3946c01da86dd72352e7e1e71badb9c0030f1980ed552901f69cec0248972

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66e95ab4-a8f"
cf-ray: 8c8a047f9eab44fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Tue, 17 Sep 2024 10:32:20 GMT

GET
H2 200 front.min.css
turnanewleaf.org/wp-content/plugins/popups-for-divi/styles/ 7 KB
2 KB 83ms
79ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/plugins/popups-for-divi/styles/front.min.css?ver=3.0.5
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba2eeab126375c9cc2fabe9a6fe35f25dea57c52df280e6e24a790f5f45be878

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669000b1-1c9f"
cf-ray: 8c8a047f9eaf44fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 11 Jul 2024 15:56:33 GMT

GET
H2 200 et-divi-dynamic-tb-25005-tb-25004-5500-late.css
turnanewleaf.org/wp-content/et-cache/5500/ 10 KB
2 KB 95ms
91ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/et-cache/5500/et-divi-dynamic-tb-25005-tb-25004-5500-late.css?ver=1725987938
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa9795791363a807ea05952a52f17eb7113b17bded421d70c53129364d7a262

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66e07c63-293b"
cf-ray: 8c8a047f9eb344fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Tue, 10 Sep 2024 17:05:39 GMT

GET
H2 200 et-divi-dynamic-tb-25005-tb-25004-5500.css
turnanewleaf.org/wp-content/et-cache/5500/ 13 KB
2 KB 91ms
87ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/et-cache/5500/et-divi-dynamic-tb-25005-tb-25004-5500.css?ver=1725987938
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7fee4e48e4aca8bf572c3ab69eb021190c8f67b5ea3bfb5c42799d309c603cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66e07c62-3290"
cf-ray: 8c8a047faeb544fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Tue, 10 Sep 2024 17:05:38 GMT

GET
H2 200 style.min.css
turnanewleaf.org/wp-content/plugins/Divi-Blog-Extras/styles/ 71 KB
10 KB 85ms
82ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/plugins/Divi-Blog-Extras/styles/style.min.css?ver=2.7.0
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc8ac6a027bef5a402f2205a960535ff51064c87f68f7123375a539b488f253b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669000ab-11c2f"
cf-ray: 8c8a047faeb644fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 11 Jul 2024 15:56:27 GMT

GET
H2 200 style.min.css
turnanewleaf.org/wp-content/plugins/divi-flip-cards/styles/ 41 KB
3 KB 159ms
156ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/plugins/divi-flip-cards/styles/style.min.css?ver=1.0.0
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 033136b0ea791f68ecbba2e90a56d9009bcca5c736d9b508f7863c4e2e65e038

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669000ab-a2d5"
cf-ray: 8c8a047faeb844fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 11 Jul 2024 15:56:27 GMT

GET
H2 200 style.min.css
turnanewleaf.org/wp-content/plugins/divi-mad-menu/styles/ 49 KB
7 KB 85ms
82ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/plugins/divi-mad-menu/styles/style.min.css?ver=1.9.3
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3666f6584d5e2fa222db2ddce0a20d8b1f8a61141b6fe71df44e6cd2652e0d90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669000ab-c203"
cf-ray: 8c8a047faebc44fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 11 Jul 2024 15:56:27 GMT

GET
H2 200 addtoany.min.css
turnanewleaf.org/wp-content/plugins/add-to-any/ 2 KB
592 B 98ms
94ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66a2e747-644"
cf-ray: 8c8a047faec044fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Fri, 26 Jul 2024 00:01:11 GMT

GET
H2 200 style.css
turnanewleaf.org/wp-content/themes/NewLeaf-Child/ 519 B
368 B 261ms
258ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/themes/NewLeaf-Child/style.css?ver=4.26.1
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 896d5aa36b3ca8d27c8dab83f8e77a30bf3332e7c730486b33f03bfdcf85454c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669000a7-207"
cf-ray: 8c8a047faec144fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 11 Jul 2024 15:56:23 GMT

GET
H3 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 100ms
53ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ebe2359f7106a99a4d5f17f482ca7efe495dcc7090fb121f56f8cf0055d562e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"b57737a151d7fd411c90e2eb8cdb171e"
age: 24954
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VqxAhGglPQa4kSs36tAjvXAlTvWXCn3puQX0dIhaqP3CUmaw8FUsG0fN14h3tCHaBzCpxFdCzfaeIrgLFml1KiT%2B9LTePDaL8VwdAPomRZ6IowJTIDRE7Ely7t7j8aAcAFrF8l2R"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400, stale-while-revalidate=30, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c8a04819d9f3644-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 jquery.min.js Show response
turnanewleaf.org/wp-includes/js/jquery/ 86 KB
31 KB 159ms
155ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"64ecd5ef-15601"
cf-ray: 8c8a047fdf1244fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Mon, 28 Aug 2023 17:14:23 GMT

GET
H2 200 jquery-migrate.min.js Show response
turnanewleaf.org/wp-includes/js/jquery/ 13 KB
5 KB 158ms
154ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6482bd64-3509"
cf-ray: 8c8a047fdf1844fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Fri, 09 Jun 2023 05:49:24 GMT

GET
H3 200 addtoany.min.js Show response
turnanewleaf.org/wp-content/plugins/add-to-any/ 129 B
253 B 75ms
75ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66a2e747-81"
cf-ray: 8c8a04820e4258f6-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Fri, 26 Jul 2024 00:01:11 GMT

GET
H2 200 ie-compat.min.js Show response
turnanewleaf.org/wp-content/plugins/popups-for-divi/scripts/ 10 KB
4 KB 115ms
113ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/plugins/popups-for-divi/scripts/ie-compat.min.js?ver=3.0.5
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6aed488d128d02850cfb20b4de28a2eceffddd04342f413bbe88a141235a976

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669000b1-2712"
cf-ray: 8c8a047fdf1944fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 11 Jul 2024 15:56:33 GMT

GET
H2 200 custom_js.js Show response
turnanewleaf.org/wp-content/themes/NewLeaf-Child/js/ 8 KB
3 KB 157ms
155ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/themes/NewLeaf-Child/js/custom_js.js?ver=6.6.1
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 207bda4ee6a13061b6844abb9e40e48813914b1d6c934d021a09b240de156446

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669000a7-2152"
cf-ray: 8c8a047fdf1c44fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 11 Jul 2024 15:56:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
77 KB 153ms
57ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-17387119-1

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a39da6449689e0d089b64e7888987fff06edb9f50f9aa43dbf6b861fef0a1dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Wed, 25 Sep 2024 09:34:18 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78589
date: Wed, 25 Sep 2024 09:34:18 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 et-core-unified-5500.min.css
turnanewleaf.org/wp-content/et-cache/5500/ 265 B
209 B 119ms
117ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/et-cache/5500/et-core-unified-5500.min.css?ver=1725987939
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d9ef12a801642d466a17e548ce8e32a3f94d13efa7d99732d4a6933ffd9a6f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66e07c63-109"
cf-ray: 8c8a047faec244fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Tue, 10 Sep 2024 17:05:39 GMT

GET
H2 200 et-core-unified-tb-25005-tb-25004-deferred-5500.min.css
turnanewleaf.org/wp-content/et-cache/5500/ 18 KB
3 KB 158ms
156ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/et-cache/5500/et-core-unified-tb-25005-tb-25004-deferred-5500.min.css?ver=1725987939
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1857d05326665ebd708e4d65d2274ccabc9884d38b35d5bece41e65880b7a3a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66e07c63-464f"
cf-ray: 8c8a047fdf0e44fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Tue, 10 Sep 2024 17:05:39 GMT

GET
H2

200

embed.js Show response
app.dafwidget.com/public/
Redirect Chain

https://app.dafwidget.com/api/js/source.js
https://app.dafwidget.com/public/embed.js

7 KB
3 KB

118ms
118ms

Script
text/javascript

23.21.33.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.dafwidget.com/public/embed.js
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Server: 23.21.33.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-33-87.compute-1.amazonaws.com
Software: /
Resource Hash: a6aea90164a685a02afe0e574bb4c668c83a4b6cdff9ab4b09b0ecbd53e4fd66

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: gzip
x-cache-hit: 1
accept-ranges: bytes
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 03 Aug 2023 12:39:56 GMT
vary: Accept-Encoding

Redirect headers

location: https://app.dafwidget.com:443/public/embed.js
content-length: 134
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: text/html
server: awselb/2.0

GET
H2 200 tilt.jquery.min.js Show response
turnanewleaf.org/wp-content/plugins/divi-flip-cards/scripts/ 6 KB
2 KB 116ms
114ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/plugins/divi-flip-cards/scripts/tilt.jquery.min.js?ver=1
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6951eec0a8c0c9b2eab72c4f579765e0f190165822919ddc791bb391096fd7c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669000ab-1608"
cf-ray: 8c8a047fdf1f44fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 11 Jul 2024 15:56:27 GMT

GET
H2 200 front.min.js Show response
turnanewleaf.org/wp-content/plugins/popups-for-divi/scripts/ 65 KB
21 KB 154ms
152ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/plugins/popups-for-divi/scripts/front.min.js?ver=3.0.5
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5cec8800ffe6b92993466f61ec4f4d5ee6dee946a942b9356559821585fb650

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669000b1-10394"
cf-ray: 8c8a047fdf2344fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 11 Jul 2024 15:56:33 GMT

GET
H2 200 scripts.min.js Show response
turnanewleaf.org/wp-content/themes/Divi/js/ 268 KB
60 KB 119ms
118ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/themes/Divi/js/scripts.min.js?ver=4.26.1
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d5b19f81ae284a59aee36257fc8b157c4f48a99ef5692b038adb56ec48d09bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66957f5b-42f9b"
cf-ray: 8c8a047fdf2544fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Mon, 15 Jul 2024 19:58:19 GMT

GET
H2 200 jquery.fitvids.js Show response
turnanewleaf.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 3 KB
1 KB 155ms
154ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.26.1
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66957f5b-d15"
cf-ray: 8c8a047fdf2944fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Mon, 15 Jul 2024 19:58:19 GMT

GET
H2 200 frontend-bundle.min.js Show response
turnanewleaf.org/wp-content/plugins/Divi-Blog-Extras/scripts/ 35 KB
7 KB 150ms
148ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/plugins/Divi-Blog-Extras/scripts/frontend-bundle.min.js?ver=2.7.0
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc28654bf4d567cdbc91b5089345699eb8fff900d723b6dc635631eb0cb26fe5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669000ab-8dee"
cf-ray: 8c8a047fdf2d44fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 11 Jul 2024 15:56:27 GMT

GET
H2 200 frontend-bundle.min.js Show response
turnanewleaf.org/wp-content/plugins/divi-flip-cards/scripts/ 3 KB
815 B 117ms
115ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/plugins/divi-flip-cards/scripts/frontend-bundle.min.js?ver=1.0.0
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee988caec16e0465e6694e06d321e5ad04d77b90a5100f78acd57f9aa92bb929

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669000ab-dd9"
cf-ray: 8c8a047fdf3044fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 11 Jul 2024 15:56:27 GMT

GET
H2 200 frontend-bundle.min.js Show response
turnanewleaf.org/wp-content/plugins/divi-mad-menu/scripts/ 55 KB
13 KB 156ms
155ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/plugins/divi-mad-menu/scripts/frontend-bundle.min.js?ver=1.9.3
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7edeec6e066186075ac68ad8a19e3989cb0381589e8a145a79861dcecfdf24d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669000ab-dd29"
cf-ray: 8c8a047fdf3244fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 11 Jul 2024 15:56:27 GMT

GET
H2 200 common.js Show response
turnanewleaf.org/wp-content/themes/Divi/core/admin/js/ 1 KB
657 B 116ms
115ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/themes/Divi/core/admin/js/common.js?ver=4.26.1
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66957f5b-53f"
cf-ray: 8c8a047fdf3544fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Mon, 15 Jul 2024 19:58:19 GMT

GET
H2 200 smush-lazy-load.min.js Show response
turnanewleaf.org/wp-content/plugins/wp-smush-pro/app/assets/js/ 8 KB
4 KB 155ms
154ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.16.5
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bdcc9e3e427ad3a787ec7efe46d8c305e880eb44402c0000ff52f17ef6b0cdb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669000b9-2018"
cf-ray: 8c8a047fdf3844fe-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 11 Jul 2024 15:56:41 GMT

GET
H3 200 fn.js Show response
turnanewleaf.org/wp-content/plugins/gtranslate/js/ 14 KB
5 KB 87ms
85ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/plugins/gtranslate/js/fn.js?ver=6.6.1
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47d21bec11514b5e3fc172cc09decfba9ce21282859216dbcd4e3b80ce15a057

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66ebc942-3970"
cf-ray: 8c8a04821e6458f6-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 19 Sep 2024 06:48:34 GMT

GET
H3 200 reset.css
turnanewleaf.org/wp-content/themes/NewLeaf-Child/stylesheets/ 2 KB
837 B 79ms
79ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/themes/NewLeaf-Child/stylesheets/reset.css
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/wp-content/themes/NewLeaf-Child/style.css?ver=4.26.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 732d898b761e58cbe67c727ac7702adac9e2bcfb28a1a7cf493182671018c05a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/wp-content/themes/NewLeaf-Child/style.css?ver=4.26.1

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669000a7-97f"
cf-ray: 8c8a04814cef58f6-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 11 Jul 2024 15:56:23 GMT

GET
H3 200 base.css
turnanewleaf.org/wp-content/themes/NewLeaf-Child/stylesheets/ 43 KB
9 KB 85ms
84ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/themes/NewLeaf-Child/stylesheets/base.css
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/wp-content/themes/NewLeaf-Child/style.css?ver=4.26.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7554067cb86a1900f173cc3876825fae285542c4b40852c00ecccfff6e53db3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/wp-content/themes/NewLeaf-Child/style.css?ver=4.26.1

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669000a7-abcc"
cf-ray: 8c8a04814cf658f6-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 11 Jul 2024 15:56:23 GMT

GET
H3 200 header.css
turnanewleaf.org/wp-content/themes/NewLeaf-Child/stylesheets/ 6 KB
2 KB 103ms
102ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/themes/NewLeaf-Child/stylesheets/header.css
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/wp-content/themes/NewLeaf-Child/style.css?ver=4.26.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcf09cc89b32cabd4db68ece97da899835b48f536487a7d7e86abeb82381f596

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/wp-content/themes/NewLeaf-Child/style.css?ver=4.26.1

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669000a7-1815"
cf-ray: 8c8a04814cf958f6-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 11 Jul 2024 15:56:23 GMT

GET
H3 200 footer.css
turnanewleaf.org/wp-content/themes/NewLeaf-Child/stylesheets/ 1 KB
571 B 97ms
96ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/themes/NewLeaf-Child/stylesheets/footer.css
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/wp-content/themes/NewLeaf-Child/style.css?ver=4.26.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6e8f9efafcfc82b3beae494a541e19e2ee52d9e6bd4a605e2b9586fb2721cdb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/wp-content/themes/NewLeaf-Child/style.css?ver=4.26.1

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669000a7-434"
cf-ray: 8c8a04814cfd58f6-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 11 Jul 2024 15:56:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 187 KB
68 KB 206ms
111ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5G4X59C

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad723a2728411381ad7b709209d559f28221d97aea003ab94affb02e631e66df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
expires: Wed, 25 Sep 2024 09:34:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 25 Sep 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 69148
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 79ms
38ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

68fdc316e5a11d1e2430511eaf2b62d8a1b8de21814924a567473ecb3c4b4fae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=23, mss=1232, tbw=4437, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: c77xDooaxdK5QZIjJrZGjFnmm50H42MCLFfNviAjNrbif6tv60AY67J60SAQwYpB0vv+CiSU2EFUWUMSl8o4iQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 58975
x-xss-protection: 0

GET
H2 200 AUXZFGRT Show response
cdn.fundraiseup.com/widget/ 151 KB
45 KB 200ms
105ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fundraiseup.com/widget/AUXZFGRT

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a175fa763931095ab661c66a6f529cd260b0fec8ecafb98153fb3a80bb1cbb66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://static.fundraiseup.com/681e521407f6.elementsApi.js>; rel=preload; as=script, <https://static.fundraiseup.com/embed-data/elements-global/AUXZFGRT.js>; rel=preload; as=script, <https://static.fundraiseup.com/1199.6ee8e1d36bf3.async-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/1590.a9979de416ac.elements-langs-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/9554.7fd9eb1bba68.elements-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout.b13e9cec42b9d5fff82e.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-vendors.39268c869f832a863c96.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-styles.f9b9bfceb9422c3b80a6.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-sentry-vendor.47fcbda2ddf8612ec4a9.js>; rel=preload; as=script, <https://static.fundraiseup.com/sentry.3872c110be5ca66818ee.js>; rel=preload; as=script
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"1644229608"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=60kjpEh2O73zCTPqrYHjtdaHcT%2BFYRqeuXfSSLUDEo6cbPBSncaSAzWXhS7bbX7B5Kop1gDKdbi%2F8GSoUic01tt3l7C9R%2FQnh1yQdaczNPyIZep9GDGDPfLdxGvieMs4nOPPYHQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c8a0482aece1901-FRA
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 293 KB
102 KB 239ms
145ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WF96N8Q

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26b616ee5e3ad2b15308b377d0a414f65004810bfad392df823237d1505636a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
expires: Wed, 25 Sep 2024 09:34:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 25 Sep 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 104162
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 7632SpeakOT-Heavy.woff2
turnanewleaf.org/wp-content/uploads/useanyfont/ 24 KB
24 KB 83ms
82ms Font
font/woff2 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/uploads/useanyfont/7632SpeakOT-Heavy.woff2
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/wp-content/uploads/useanyfont/uaf.css?ver=1726569140
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87c47e0a1ad58e25d7cf0f510b0b6fa454f9b547bd9a568eda091581cd215865

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://turnanewleaf.org
Referer: https://turnanewleaf.org/wp-content/uploads/useanyfont/uaf.css?ver=1726569140

Response headers

cache-control: public, max-age=31536000
cf-cache-status: HIT
etag: "668ffb04-5e00"
cf-ray: 8c8a04822e7e58f6-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24064
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: font/woff2
last-modified: Thu, 11 Jul 2024 15:32:20 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 25 KB
25 KB 86ms
39ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

34463eacf6e58258159239a58cbc00efaa9c9d939ece148575466969733251a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://turnanewleaf.org
Referer: https://turnanewleaf.org/

Response headers

age: 91384
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 08:11:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 08:11:13 GMT
last-modified: Thu, 14 Dec 2023 02:01:27 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25444
x-xss-protection: 0
server: sffe

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 24 KB
24 KB 87ms
40ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

82cde214cf2d2e85bbdfca3c6fe1921cd21130d4976a84ac72c66be74e72ee4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://turnanewleaf.org
Referer: https://turnanewleaf.org/

Response headers

age: 89254
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 08:46:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 08:46:43 GMT
last-modified: Thu, 14 Dec 2023 02:02:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24676
x-xss-protection: 0
server: sffe

GET
H3 200 1.png
turnanewleaf.org/wp-content/uploads/2024/09/ 158 KB
158 KB 104ms
104ms Image
image/webp 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnanewleaf.org/wp-content/uploads/2024/09/1.png
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/wp-content/et-cache/5500/et-core-unified-tb-25005-tb-25004-deferred-5500.min.css?ver=1725987939
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a40e3761cd0d1648f8092e965ddbb6daa4ea9c06356d11168d6f14f26281ea5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/wp-content/et-cache/5500/et-core-unified-tb-25005-tb-25004-deferred-5500.min.css?ver=1725987939

Response headers

server: cloudflare
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
etag: "66e07c1f-3f8a6"
cf-cache-status: HIT
cf-ray: 8c8a04822e8c58f6-TXL
accept-ranges: bytes
access-control-allow-origin: *
cf-polished: origFmt=png, origSize=260262
content-length: 161850
date: Wed, 25 Sep 2024 09:34:17 GMT
content-type: image/webp
content-disposition: inline; filename="1.webp"
vary: Accept
last-modified: Tue, 10 Sep 2024 17:04:31 GMT

GET
DATA 200
OK truncated
/ 200 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f35a8b4eaabe41900b24a60ca1b3d6081d8bd6aa9a5b6c0de4c246306e3ce82

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 208190543196346 Show response
connect.facebook.net/signals/config/ 75 KB
15 KB 178ms
178ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/208190543196346?v=2.9.167&r=stable&domain=turnanewleaf.org&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

862abcea7228f65c6f872282fb345e045964c5672d8b762d6e98fdc73f213e40

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=74, mss=1232, tbw=67139, tp=63, tpl=0, uplat=136, ullat=0
pragma: public
x-fb-debug: PPQheskWy9AdcMjW6yIyqKjxRq/zid+jeYQaLH43pOy7DZc2p+DMQX+iTqmXe/2XZ+23BidCGx4cymJF+rnNDw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 button.css
app.dafwidget.com/public/ 3 KB
1 KB 117ms
117ms Stylesheet
text/css 23.21.33.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.dafwidget.com/public/button.css
Requested by: Host: app.dafwidget.com
URL: https://app.dafwidget.com/api/js/source.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.33.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-33-87.compute-1.amazonaws.com
Software: /
Resource Hash: d941abaa1c3e1a6da66e5a4eb0ba6a5e52c910591fc656e5de987e6a96e3a9c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: gzip
x-cache-hit: 1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 905
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 31 Jan 2023 20:42:55 GMT
vary: Accept-Encoding

GET
H2 200 681e521407f6.elementsApi.js Show response
static.fundraiseup.com/ 128 KB
40 KB 104ms
92ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/681e521407f6.elementsApi.js

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aad7dab692894c6a3d05b01a0fe14f0992660216c2bb8c9d826868c081a4b1e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"22e31a104d1dfb9b75812ab8f72ee8c4"
age: 1158
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cxKIMhEFGatZR%2FNhVmhwqJPgpYlCSHJusI1BTYtrRUet56id4a5RsgA2lgN0lDVMuTBtpaKwCEW9KyaY8IEqHfj31%2FLz4vetwueQ0wJeVLMbcPpbiF3W1gF%2FOydxBGxjZ21Mxxhy%2B6k%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Wed, 25 Sep 2024 08:58:23 GMT
vary: Accept-Encoding
x-amz-id-2: pQ8XsNqsgJhhjnepn+CYbx9lE00ucUqPNkD0fqu4V4gvRbt5gL4UaNukaV4bhgTXRNJA5hd5MR4=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: E23KCGCKQEZDX7PY
cf-ray: 8c8a04837fc41901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 AUXZFGRT.js Show response
static.fundraiseup.com/embed-data/elements-global/ 505 B
758 B 104ms
93ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/embed-data/elements-global/AUXZFGRT.js

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90315ff61a61d025e12fdb0d9908e40532066057ae98b8607f52305d19a80733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"3373f162c171f5c763a9c34ea7133a7a"
age: 31229
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QqSagfIE1JfdZBrcx40ydUqcgYBJ2zJIesD%2FnnO7GYlf4gJaPPPO19b%2BGBjHPVZlbKZ8TbS55SxmY3UrdO64ij3kanou5IPaGyjGgM5z8ddU9aVp8wDTof95bhEmo5Z%2FLwAn%2FzwutoI%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript
last-modified: Tue, 24 Sep 2024 21:02:20 GMT
vary: Accept-Encoding
x-amz-id-2: 6KUEbnPny/MlWV/Iaqx6NNqr+CLuUGw71Pn8vaZ8bNyhvJ3DU4sxSjPV/MnN1CBEITtGv/FBkYI=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NGQK03MNYDZMZ2S9
cf-ray: 8c8a04836fb21901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 1199.6ee8e1d36bf3.async-vendors.js Show response
static.fundraiseup.com/ 98 KB
36 KB 64ms
53ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/1199.6ee8e1d36bf3.async-vendors.js

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f665450a94db55dc1d8f0c43d476eb530eeb9019a083a8bc205a72e82f36ef7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"92633798b1c930c52ae1979d01f6238d"
age: 2336045
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jJQRe2MJOT0lveAqT5FlEOZHjx2Jx4pOGBE8Rvg93klUnurieRomYH1Q2Tp3dCsGlY5ChkqMWgqwMQ13l2Hb3HKGGswe4sJNpw6%2BDRTpo8IbQAQDZ5hHX2PAQgpWWsaGL3lIunUjtpU%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 29 Jul 2024 08:21:19 GMT
vary: Accept-Encoding
x-amz-id-2: AiSf3e7Av5eCbc4/3SLSZcqGyH+mNRJy56veR8oEqrd6NqHWUOlljSzwhg5cUVDCEkrbxsal7rg=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5FN5BGSKT013HRZ3
cf-ray: 8c8a04836fab1901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 1590.a9979de416ac.elements-langs-vendors.js Show response
static.fundraiseup.com/ 323 KB
58 KB 71ms
60ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/1590.a9979de416ac.elements-langs-vendors.js

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec87bf85af37eb1e44b799a0a119b6470fb81cdab624d9060ab36958ea299516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"bef7ede5fd001da2b3a3e6fd48eca1f7"
age: 90305
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oziU3LFdxxLjSt%2BqamlY0AEN6U1nB9MJy0hv6LLnSSnxdRueT28O3YWisLYaJ%2BWgczME7MaeA0YXOI4JtNrtn%2FjbI%2Fo%2BmhnhpHkzuyxxhDoVg6t4PjC93UXfcp%2BSO3yK%2F5v2JbQOxN0%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Tue, 24 Sep 2024 08:12:52 GMT
vary: Accept-Encoding
x-amz-id-2: 6V2JuDMTZCnxXBDPuKmo8HUE5R6WGXZCXqMcA1xWynYfdZYdixgzMChIaVGdyqIjkpltuwilnVc=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: R08P4DK1X2CD3KGS
cf-ray: 8c8a04836faf1901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 9554.7fd9eb1bba68.elements-vendors.js Show response
static.fundraiseup.com/ 55 KB
18 KB 66ms
56ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/9554.7fd9eb1bba68.elements-vendors.js

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77daccc9ecdbfee1151c63e1b1739bd307af80a4a61d4330f1b3257d3a425e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"66fa57f59f624079a9a24893ee14c7f5"
age: 176636
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KcTBwb%2FVednvqCZDgr%2FB6oY4LqEVx0x7mmOill3UeMuXCIUUzXny1zEyJ5Ju2MlljkTrsqiBxXjXJPXMGmswQGvD8ECru7PVnwWfls8NnHMno69vkmIxyaaT0x32Hb4j%2F6eLQ%2BczN50%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 23 Sep 2024 08:13:09 GMT
vary: Accept-Encoding
x-amz-id-2: ixq9hvt/btU1sidvvcxPMRiqNO+tHnExYZiN2/a1OapH0MrIEpnSK1Y6y6S8wH40uxntLKv9bDo=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7Z93V65ATJSCX9N5
cf-ray: 8c8a04837fbf1901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 checkout.b13e9cec42b9d5fff82e.js Show response
static.fundraiseup.com/ 1 MB
289 KB 103ms
92ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout.b13e9cec42b9d5fff82e.js

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33716e4baaa85babc30a745ddcde50a777034bae05d52d72a3d9f6eb63d4caf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"b6d898f2e1ba0ab57ba6465cde4c56b4"
age: 1158
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BDxLibKjzHM%2FELBHYYHVVRoPV%2B9h01gvxHvfg2o%2FnE3DjdJKYq4MgnnAyGfeAh1Ken3hWIa%2B1wulvztKSLdDQ0aDZfxY72ODqIAAfeUmG%2Ba4ag5oZdOj8NbFl9Z3IYnwWdR4CFltTqo%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Wed, 25 Sep 2024 08:58:31 GMT
vary: Accept-Encoding
x-amz-id-2: 6ag/rEI2XOttsZ45pwxWxdmI85iNguMXKVE7fCJ/kXe4LhxaPK5XepeS5LTvrScjpOECk/dmNfk=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: E23QPBK82XCH3M8T
cf-ray: 8c8a04837fbc1901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 checkout-vendors.39268c869f832a863c96.js Show response
static.fundraiseup.com/ 290 KB
89 KB 102ms
92ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-vendors.39268c869f832a863c96.js

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6aa07b1db07726a1368a8307a8f36d54b3a4f6a056e9701455ef21aecd171e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"97f027e43e8ad8d8740f1184ca399933"
age: 1385549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWzorxnOvNhJiEZF0Q74rVrrETCGcK4ZTokCYBZ0638KIz9j9fmezYe683laMFe%2FlAizAXEBcRQ2%2BJs6LBmai6jBoezcCf1NmK%2Ba2%2B6ZW%2F3nGegzhNo8XQMRPUNycDGxclUGEO%2F9II8%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 09 Sep 2024 08:26:02 GMT
vary: Accept-Encoding
x-amz-id-2: 0SZxjAQtHegoY0QUBembigr/NFT04neEcYL0B2VoktWPxJgfWQ1DAVTvTDUypl2pdG7/9Xna53M=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1NHCXQ9NMCQ2ESEQ
cf-ray: 8c8a04836fb41901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 checkout-styles.f9b9bfceb9422c3b80a6.js Show response
static.fundraiseup.com/ 107 KB
19 KB 103ms
93ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-styles.f9b9bfceb9422c3b80a6.js

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0935719ca1b5ddd0342908d6075e926366b12d1ce2883a8a736e780100da192

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"cdea1c86d99e85dd5cb8e156cd8caf9e"
age: 3795
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eu%2BlpQEBKgVEtxLGMA0hwCOUX2dxgHjqnPm9QfEgvqS30J2z0MU%2B18JauguD9RHDvqbV7caMoLHwvORigUz5MFqLdFhX2wigOlb1HiemLj7JjCV4FnlMls6QJAGDDzFGbtSJ803pye0%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Wed, 25 Sep 2024 08:14:30 GMT
vary: Accept-Encoding
x-amz-id-2: NTl9zgv0CYQVzF//5/t5LyvEcAjjhKXp0F9UPlQB+CM4uQ8m/l6dcHxmISFhEwGtGto3+NwFv08=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RF5TAEN8WXDV34ZP
cf-ray: 8c8a04837fc21901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 checkout-sentry-vendor.47fcbda2ddf8612ec4a9.js Show response
static.fundraiseup.com/ 264 KB
81 KB 104ms
94ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-sentry-vendor.47fcbda2ddf8612ec4a9.js

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f5a2d3db6d5ff7574b6a6912d6fdc22b32546f95f9514a7ff38716e2a9749d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"94d9ba6f66ffa788b99a065586c7b27e"
age: 260258
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jg%2FS1iVZR60r1QIsaKeMMNi3YCAPShudx%2FPVC2Peg7YM3SwaX62DSD23GWlFru9tyG9plEQZjsSZr2kqd5YU2hHEj4wl9Iaevob8I4iW55uomHTG2kKytPLFfOTNKRJvXv3fup4xTSI%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Thu, 22 Aug 2024 09:00:56 GMT
vary: Accept-Encoding
x-amz-id-2: jnpWzRU7okGwc0IrsrPj7F63GRsGTHgE5egy96N2dV7gIXY7nQSP6PosXCZNug7a+5woFWQtiM0jjebcr/mSdDfjPtNv3/cfoIeyRKfFAt0=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9YWYDCKTPPX3AQKM
cf-ray: 8c8a04837fc01901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 sentry.3872c110be5ca66818ee.js Show response
static.fundraiseup.com/ 3 KB
2 KB 102ms
92ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/sentry.3872c110be5ca66818ee.js

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

243aa33711fbd2168d4ad2fcbff798e4d9313ec3aada4328c0dfedb93ab69e9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"ee917efcdbb76a20fdbf8b7fc4b7210a"
age: 176636
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pMKoggN5yFPOClx7tSqIXKI5bHiEM3TVIs9GQ3ZZGV%2FlVMHsi7IU01VqM6xC15JWoOEql9L4KFfNiLcADoBck4%2BSazomo6Owsla6n1QNHfgGazIAZu%2BxQ8NjFtt3lHz2BlQJ7hw0PHQ%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 23 Sep 2024 08:13:11 GMT
vary: Accept-Encoding
x-amz-id-2: tdeJAk3VYJhkCMLUGRwMEOf7P9b5Cdwuhk6YIi/5JkJV3mzpT4RfJ7ysNuiucs3W1anw/HG79XA=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7Z98RBTK0NJTEXX7
cf-ray: 8c8a04836fb51901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H3 200 tb
fndrsp.net/ 2 B
456 B 209ms
147ms Ping
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AUXZFGRT

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://turnanewleaf.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z7h%2FaGB6xJdwJdGPArfV3VJQ479dtWX4uaepIJJVx3FlsaD0zEBOH2KrF9Ugl9ywRxcuXY8ZobH1gmQHdslCRX9cpQghWQuVztp0PS0bQxzXrgW%2F1u0x95fY8yHU"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c8a04840c6d1c22-FRA
access-control-allow-origin: https://turnanewleaf.org
date: Wed, 25 Sep 2024 09:34:18 GMT
vary: Origin
server: cloudflare

POST
H3 200 tb
fndrsp.net/ 2 B
426 B 395ms
333ms Ping
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AUXZFGRT

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://turnanewleaf.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lu32%2FM2HLiymrSq6LM49lm6SdSRfJF9J%2B8QUgKZeg4N7ywOV3HyOUDKRi5jgLqU5esEHOnF0xaOagrIILcfpX%2FrQ%2BRoZ3b%2FR%2BV9MFAC4jSSlf1en20OYqjulDZd2"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c8a04840c761c22-FRA
access-control-allow-origin: https://turnanewleaf.org
date: Wed, 25 Sep 2024 09:34:18 GMT
vary: Origin
server: cloudflare

POST
H3 200 tb
fndrsp.net/ 2 B
421 B 422ms
361ms Ping
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AUXZFGRT

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://turnanewleaf.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uaWbi49ywm%2B72I6EsjM61kkvyF2w1dpd72eAKdBHn5m1a8dMgcPd2%2FWyJMeKbC7ngR3ohO%2F%2F5kH27EfysX66u%2B9BIP5kVnUDsgnKeLl3pvuiHzbzflBiX7BbDvYH"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c8a04840c701c22-FRA
access-control-allow-origin: https://turnanewleaf.org
date: Wed, 25 Sep 2024 09:34:18 GMT
vary: Origin
server: cloudflare

GET
H3 200 et-divi-dynamic-tb-25005-tb-25004-5500-late.css
turnanewleaf.org/wp-content/et-cache/5500/ 10 KB
2 KB 87ms
87ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/et-cache/5500/et-divi-dynamic-tb-25005-tb-25004-5500-late.css
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa9795791363a807ea05952a52f17eb7113b17bded421d70c53129364d7a262

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66e07c63-293b"
cf-ray: 8c8a0483b99e58f6-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Tue, 10 Sep 2024 17:05:39 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 140ms
37ms Script
application/javascript 2a02:26f0:480:15::213:7e4a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:15::213:7e4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

cache-control: max-age=24914
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Wed, 25 Sep 2024 09:34:18 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 200 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec07b8668e4cb130a4cd577b925207d0e029cb6857252ccde6e8de9a5e1c441f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 modules.woff
turnanewleaf.org/wp-content/themes/Divi/core/admin/fonts/modules/social/ 10 KB
10 KB 94ms
94ms Font
font/woff 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/themes/Divi/core/admin/fonts/modules/social/modules.woff
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/wp-content/et-cache/5500/et-divi-dynamic-tb-25005-tb-25004-5500-late.css?ver=1725987938
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4d9b5f545245d9781d491989a77089f380de3a58898ea70116cc59f61257e92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://turnanewleaf.org
Referer: https://turnanewleaf.org/wp-content/et-cache/5500/et-divi-dynamic-tb-25005-tb-25004-5500-late.css?ver=1725987938

Response headers

cache-control: public, max-age=31536000
cf-cache-status: HIT
etag: "66957f5b-2850"
cf-ray: 8c8a0483d9e558f6-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10320
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: font/woff
last-modified: Mon, 15 Jul 2024 19:58:19 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 new-leaf-logo@66.png
turnanewleaf.org/wp-content/uploads/2021/03/ 7 KB
7 KB 146ms
146ms Image
image/webp 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnanewleaf.org/wp-content/uploads/2021/03/new-leaf-logo@66.png
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb34f28afb0b0274a8d71f226f0694ed432e1c34ce828e1bc2389187c3d12132

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

server: cloudflare
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
etag: "668ffe95-51b5"
cf-cache-status: HIT
cf-ray: 8c8a0483e9f458f6-TXL
accept-ranges: bytes
access-control-allow-origin: *
cf-polished: origFmt=png, origSize=20917
content-length: 6890
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: image/webp
content-disposition: inline; filename="new-leaf-logo@66.webp"
vary: Accept
last-modified: Thu, 11 Jul 2024 15:47:33 GMT

GET
H3 200 ANL-logo-standard.png
turnanewleaf.org/wp-content/uploads/2021/10/ 4 KB
5 KB 79ms
79ms Image
image/webp 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnanewleaf.org/wp-content/uploads/2021/10/ANL-logo-standard.png
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2bca20ccf783582e1de925bdecff0c2c8573a10d4a3ce511bdf288dbd44f2c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

server: cloudflare
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
etag: "668ffed3-218a"
cf-cache-status: HIT
cf-ray: 8c8a0483e9f758f6-TXL
accept-ranges: bytes
access-control-allow-origin: *
cf-polished: origFmt=png, origSize=8586
content-length: 4438
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: image/webp
content-disposition: inline; filename="ANL-logo-standard.webp"
vary: Accept
last-modified: Thu, 11 Jul 2024 15:48:35 GMT

GET
H3 200 sm.25.html
static.addtoany.com/menu/ Frame FC19 0
0 96ms
56ms Document
text/html 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://turnanewleaf.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 16269
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 8c8a04843e941b36-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 25 Sep 2024 09:34:18 GMT
last-modified: Wed, 25 Sep 2024 05:03:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJJbwfHak0GkblJbmaE8fYXfkwZ2%2BthKj%2FLQciHqOYkVyRdZvP6xv3j6UfYe8fmoTXEL9TuHrTduVUBWQeYwCGrytqQdgNA5%2FEg56ufy6AiE66PctSTPwOS6IE9O6%2F%2FUt6kD51%2BY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.D0Uc7kY6.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 108ms
69ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d07ac60d7d494f8688e4844d51b988f6a2f95b5e9435880e628eb8966e091382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://turnanewleaf.org
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"6fea96ea56ee4fff557b8776f9c8c3a6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vVeAN9ctKVT3%2BGr86KiCIkxUA6yxwmADcX1oCIVcDm9cdE0CoPjSVHE%2B6Xce6x74ThfZFekFmWBvOWX4EUkNuw9oIwqFSC9jTNDoFhdV78%2BpULy%2BJ929qG7GEjqvJVahbHIeeaqH"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=315360000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c8a04843b03d282-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 XWAKYFXD.js Show response
static.fundraiseup.com/embed-data/elements/ 11 KB
2 KB 56ms
55ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/embed-data/elements/XWAKYFXD.js

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AUXZFGRT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d050d855f676af402d84d7957533b11e77c8f70d3d8b7110c4fdd8c1d41c64be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"4db511130c6c8a54c2bf2e56aa24d02c"
age: 13406
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BZ5G%2F2SiWSB6hXEbtd95Vx7dchg2fepDiK29ZEwpYTxiXYAjy%2FGvbSforAMDp9TxZf%2FW%2F42DSumJar%2F9suW0i0NhG4UMNcVSDbhMKgRuyfnRB0DlDmMhXko0aKQiEPpbM8GUYzmTV%2BY%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript
last-modified: Tue, 24 Sep 2024 12:03:42 GMT
vary: Accept-Encoding
x-amz-id-2: exc7WSDWNBXCkupsBDnqaoeUIoNdRLRUJrRT8GRfHhlP7N0TjVAXXpI9yVF6a2ufHY1OTK93cvA=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 87JWP5ZXWZZ49REC
cf-ray: 8c8a0483f8531901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
97 KB 59ms
58ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NG2M20Y90K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17387119-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96d318b8502f3585f28017a222ad4f22bdd3a02ecd72f5abe3821c1e5f03cd4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Wed, 25 Sep 2024 09:34:18 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98873
date: Wed, 25 Sep 2024 09:34:18 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 133ms
41ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17387119-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
content-encoding: gzip
age: 483
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 25 Sep 2024 11:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
date: Wed, 25 Sep 2024 09:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
server: Golfe2
vary: Accept-Encoding

GET
H2

200

starV6.gif
jelly-v6.mdhv.io/v1/
Redirect Chain

https://jelly.mdhv.io/v1/star.gif?pid=BHDogF15lMmQciD2vqW1f7KZZBQO&src=mh&evt=hi
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=BHDogF15lMmQciD2vqW1f7KZZBQO&src=mh&tx=81e92d87-c954-4754-8cd5-eb2deece419d

43 B
235 B

262ms
157ms

Image
image/gif

2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=BHDogF15lMmQciD2vqW1f7KZZBQO&src=mh&tx=81e92d87-c954-4754-8cd5-eb2deece419d
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

cache-control: no-store,no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
pragma: no-cache
expires: -1
content-length: 43
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: image/gif
x-cloud-trace-context: 91904fdc1a3ff2cbee7a4d4d2e5c96d4
server: Google Frontend

Redirect headers

location: https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=BHDogF15lMmQciD2vqW1f7KZZBQO&src=mh&tx=81e92d87-c954-4754-8cd5-eb2deece419d
content-length: 173
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/html; charset=utf-8
x-cloud-trace-context: 5037861080d55fabbd70e8a613304db1
server: Google Frontend

GET
H3 200 en-us.svg
turnanewleaf.org/wp-content/plugins/gtranslate/flags/svg/ 6 KB
1 KB 111ms
110ms Image
image/svg+xml 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnanewleaf.org/wp-content/plugins/gtranslate/flags/svg/en-us.svg
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c64c14fa68916dba409ddf0e38ca5dc8bd262b959a5814ecb6667096b35efa5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66ebc942-17c0"
cf-ray: 8c8a04842a6758f6-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 19 Sep 2024 06:48:34 GMT

GET
H3 200 es-mx.svg
turnanewleaf.org/wp-content/plugins/gtranslate/flags/svg/ 21 KB
6 KB 102ms
102ms Image
image/svg+xml 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnanewleaf.org/wp-content/plugins/gtranslate/flags/svg/es-mx.svg
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9acfbb18ba9618520652d5e230a1f334689f1415bcbc860f32870088e91eefe6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66ebc942-5222"
cf-ray: 8c8a04842a6b58f6-TXL
access-control-allow-origin: *
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 19 Sep 2024 06:48:34 GMT

GET
H3 200 1027422224693836 Show response
connect.facebook.net/signals/config/ 26 KB
3 KB 118ms
117ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1027422224693836?v=2.9.167&r=stable&domain=turnanewleaf.org&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C130%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C123%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

d4044905901059df0d01f00bdacfc38eec26c3fc256494ef88920ea22a03c889

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=87, mss=1232, tbw=82915, tp=79, tpl=0, uplat=78, ullat=0
pragma: public
x-fb-debug: dAs+CmFRAjKyQqBaiyvC/AJGuDky/RP00noV7oYwvoiP52l3kh24uWGbYaB1G7hDwFYUfau3G2dONQWAUwuBUA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 124ms
39ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=208190543196346&ev=PageView&dl=https%3A%2F%2Fturnanewleaf.org%2Fdonate%2F&rl=&if=false&ts=1727256858356&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1727256858347.350992984943897506&cs_est=true&ler=empty&cdl=API_unavailable&it=1727256858044&coo=false&rqm=GET

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=2796, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 716ms
631ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=208190543196346&ev=PageView&dl=https%3A%2F%2Fturnanewleaf.org%2Fdonate%2F&rl=&if=false&ts=1727256858356&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1727256858347.350992984943897506&cs_est=true&ler=empty&cdl=API_unavailable&it=1727256858044&coo=false&rqm=FGET

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7418511718723722397"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 25 Sep 2024 09:34:19 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7418511718723722397", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: 4v8vlQsoWMkkxpaeoG0TevX3uqXl8Q6/I4PEpGbIWHlR1x+Mndq8vzzd2U4ipkNMebNFflY8hUoto8MEY3ai6g==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=10, mss=1297, tbw=6578, tp=-1, tpl=-1, uplat=592, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 8106.85dcbe0b0aa3.8106.js Show response
static.fundraiseup.com/ 25 KB
7 KB 52ms
51ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/8106.85dcbe0b0aa3.8106.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/681e521407f6.elementsApi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60fdb71fd9f8cdd606a7739d45a88dd929dbcf1cafa50b0a2da04e78b93ff636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"02fe2722dc5012068660fcd633d34cb2"
age: 2336048
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DO3frNepG2wS9YGCF2JP6G%2B10n2Le0oonbevpygR20VTQvrcRtTaGybTeT09kVYzLb%2FEOXFKHDLEQ9rQWg6MBC011L9ZuRR80tI4QPm2ImXIr6sBZW4osNgqJRGXYYr3qc3pOi5AR7c%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 29 Jul 2024 08:21:23 GMT
vary: Accept-Encoding
x-amz-id-2: BKEvkhzks/b9hZw60Se+3M/ta8kHaf4DBgUr2SvUO/lRx7vFPcGAUK/LtYHlHnvZcrwE4OkU9Tw=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5FN5Q2SDJZ1JYTA4
cf-ray: 8c8a048529931901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 1210.0a7696fe2c90.1210.js Show response
static.fundraiseup.com/ 27 KB
11 KB 56ms
56ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/1210.0a7696fe2c90.1210.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/681e521407f6.elementsApi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e240d7e1922158deaf28604c08f94bf425eeb83337eced1a220dfa3272f6d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"f5785c52891c842953af7167cad40892"
age: 1385476
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bxKuo6opIQ8fIB8w%2FPYuCOrknpqSZ3mvKub6kFuCiOD5%2FKNAjP6tgSX36TCCjGSoTZ7QHCkyZYSnKM0KOFX3ptp19Hfw6yqnvrZ4yObBrSQMPAGgBW1eblU53HunKN7XnPqIgNkf72I%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 09 Sep 2024 08:25:46 GMT
vary: Accept-Encoding
x-amz-id-2: 89Yx3WXTB7EOwiP/2bl23iCXyIINQkt9OloGZcF4alRfipdLUKrtr6eQyi0m5xfDyxRQP063oek=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1NHCHH0NKFSKHET5
cf-ray: 8c8a048529991901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 5360.c3c88ec1f5f2.5360.js Show response
static.fundraiseup.com/ 10 KB
4 KB 53ms
53ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/5360.c3c88ec1f5f2.5360.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/681e521407f6.elementsApi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e3ee1f4e6c609590f6ab593345e11e0187d3b33c80a5d72abb2fd59609673f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"e0830d38e93b85c7ac53e813d09c45b6"
age: 430960
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2bhHwGblM7o38QjM888jO8mOaWyrjXcUH0s%2BqNgWtgjyiN2svs5e%2BYXM5KWYBnWOoju%2FtzPw16A1DBZg7F3qVMkKrb6nREutZllayI5XliSOsYlaEx8MsfKiMSjirOhqNnaUIR12kYY%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 12 Aug 2024 08:15:09 GMT
vary: Accept-Encoding
x-amz-id-2: /uYh5Cpx5vAaScDYkimf1u5/DCSVk3rWDoMI10fw42dx84r0ApY2gMg7CZ/DUsrO1ijCSHTGFjw=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: AQACMY60HEQQHP48
cf-ray: 8c8a0485299c1901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 149.28dcf64587a1.149.js Show response
static.fundraiseup.com/ 13 KB
5 KB 52ms
52ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/149.28dcf64587a1.149.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/681e521407f6.elementsApi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f7efd89716cbe10fed006df1fdbdd6c67ed7915a5cb8e04bb38b009f9ecc11b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"b4d2b3d4fdbb19219804d116bfaa9003"
age: 522260
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8S0IhU5W0lp7WXxaRmru%2BE0dtLP%2BFQ70R4aiYDVKu%2F7yJtc4LelT4d8zzU9bFHaSyuujD4viQrOsf0iopDfEumRN2LaZcqdEdHG65Ojp5%2Fxf%2FJXoYVt%2BvV6R7%2FCFl2QoLP48BtNQ1j4%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Thu, 19 Sep 2024 08:13:34 GMT
vary: Accept-Encoding
x-amz-id-2: jZPkrFDSUn8bPA768WsBChnfyCKDDlrge9vINPOezh28WKfi0KcG6/l+AiLsiYr4T5F71k3fUEk=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GZ2F2JFDYNNKMGK3
cf-ray: 8c8a0485299e1901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 3200.2d897a913127.3200.js Show response
static.fundraiseup.com/ 14 KB
4 KB 56ms
55ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3200.2d897a913127.3200.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/681e521407f6.elementsApi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f1f650a37d0a06f0d6470a2d421eaef1bbabf38a3b8971e3a38a8eb43eff07d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"adf6775454639c9496948bd166b37db8"
age: 1385476
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gBEU%2Fco66tRMtB7Xzke19LMzuwLGvN%2FM4800vh3HbtzArz8G3OyoXXAUFZp5%2FZHZO1DeCxzNGCzJTOfye3ljH68phk3e38AU4bANEVfpUSU5bf%2BsxMvOe%2BLLORJG3bRt0N9y82RlgCQ%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 09 Sep 2024 08:25:50 GMT
vary: Accept-Encoding
x-amz-id-2: 5aDhzC6f+/u3DzMQ0j8xF7wK9Qn2hGczk7oGIo9zatDF7IBBTwXFP89gBAHSUQ3VkssFA/Nb/0g=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1NH6FTXSGB7FC2RJ
cf-ray: 8c8a048529a01901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 2366.9d641e5bcdb0.2366.js Show response
static.fundraiseup.com/ 21 KB
4 KB 54ms
51ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/2366.9d641e5bcdb0.2366.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/681e521407f6.elementsApi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9249291f6a7e3929fecd56962398d89367f689f4e4523bd9219e2b4756e9a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"d0bde404e0bb5856be9d3ad3ad00c10e"
age: 522209
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eMsYcKN7XxKM5VgpUhIjFX288Vkupvk3k1Tk72oi3SSTGolYSu3yAdJQvDpjGYmTLbwJWyg1oNH5hvJ7ewNQhmkyWYnsHxsuVitqk%2B%2FqgqOQQQW6crMGrTp7xXCDlEMxNwqVGaAyuPI%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Thu, 19 Sep 2024 08:13:36 GMT
vary: Accept-Encoding
x-amz-id-2: UnD/Ab7n2VRopROIVGU94k4Unx02ZPmvUCdgK8GN+MJYyCO8corx4o9vq0YF26/vZ+L9H0nZ5TsUGfQMXS+Ukw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7WRAY8GG25QXGWZ6
cf-ray: 8c8a04858a141901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 7950.c5ae3c952dec.7950.js Show response
static.fundraiseup.com/ 13 KB
3 KB 58ms
57ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/7950.c5ae3c952dec.7950.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/681e521407f6.elementsApi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

979be6bf2edccda914ace9029634ef66f5d73a7463cb19f5719123734c780421

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"e6a72ab095e79ec80fe1937cd1b1dbba"
age: 3774
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VnpggF70Ek4LTZXl%2BSBps9xVMv5DzKbVFua1c7xSpFnXDyl79n%2BiinVMpZFhibSCQSGauRFeDHUvA5vdQrRXCWblBuLDWzOlydykCBk1jlrRLx6%2Bk%2Frw7jKW%2B7NVRdb7wF5D4dbZTCI%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Wed, 25 Sep 2024 08:14:25 GMT
vary: Accept-Encoding
x-amz-id-2: 1CN2A7xHMXuZ1qoSoTVc5dRDetaebN1BfNf+XxCyO3m1WHco2H9QrFFLksKwY0F6g5ge8u3CRIPT5Evd2Udh8sElNb6oSdzV
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 406XP1NC338MDZ1R
cf-ray: 8c8a04858a191901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 8841.b18025422f1c.donation-form-v2.js Show response
static.fundraiseup.com/ 70 KB
20 KB 53ms
52ms Script
text/javascript 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/8841.b18025422f1c.donation-form-v2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/681e521407f6.elementsApi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e2458659281c1a9c12342e4c3b7b5959d2e2087c967378ac8981c0fbf462634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"692d01067e13aacb52153382de327f9f"
age: 1026
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I9cu7gWigaBDvM%2FPYsSAE3Uv%2FKhKdiTy9X0HNszjs%2BIAgxHxQK6RhdAPHhhAuSNkg%2B%2B3PygiVY2trAWnuY52USnlh37sVHQVr3RvnCPrJZDKCABbeN5IsI5RP2J0Jmpo6bSffurpLsk%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Wed, 25 Sep 2024 08:58:27 GMT
vary: Accept-Encoding
x-amz-id-2: 34w1FdwyVL+HqqDN3D7cX0eqgyYp1ZvvjccwErueQ2ET4VkHgQ+4VDSUKLXBBZq2nX9cxHxIcn4=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TCRT92EQAYR7E0QC
cf-ray: 8c8a04858a1e1901-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 131ms
46ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NG2M20Y90K&gtm=45je49n0v9116370153z8858167612za200&_p=1727256857912&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1395106163.1727256858&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1727256858&sct=1&seg=0&dl=https%3A%2F%2Fturnanewleaf.org%2Fdonate%2F&dt=Donate%20To%20A%20New%20Leaf%20%7C%20End%20Homelessness%20%26%20Domestic%20Violence&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2786
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NG2M20Y90K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://turnanewleaf.org
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 151ms
52ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NG2M20Y90K&cid=1395106163.1727256858&gtm=45je49n0v9116370153z8858167612za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NG2M20Y90K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://turnanewleaf.org
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 123ms
76ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NG2M20Y90K&cid=1395106163.1727256858&gtm=45je49n0v9116370153z8858167612za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1386482379

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 25 Sep 2024 09:34:18 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
816 B 391ms
216ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=4325708&time=1727256858440&url=https%3A%2F%2Fturnanewleaf.org%2Fdonate%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Referer: https://turnanewleaf.org/

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 000622ee537ff30852f9a3ab37a5b464
x-msedge-ref: Ref A: 9B8DE7332D7C4D34A5E9052537686FB4 Ref B: FRAEDGE1212 Ref C: 2024-09-25T09:34:18Z
x-li-fabric: prod-lor1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYi7lN/8whS+aOrN6W0ZA==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4325708&time=1727256858440&url=https%3A%2F%2Fturnanewleaf.org%2Fdonate%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4325708&time=1727256858440&url=https%3A%2F%2Fturnanewleaf.org%2Fdonate%2F&e_ipv6=AQIsPdwRylrRNwAAAZIoiA_5wxEwE1gQ07LAc1b4e1BIna7eccIj4eI9DAKl9ypG...

0
266 B

262ms
166ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4325708&time=1727256858440&url=https%3A%2F%2Fturnanewleaf.org%2Fdonate%2F&e_ipv6=AQIsPdwRylrRNwAAAZIoiA_5wxEwE1gQ07LAc1b4e1BIna7eccIj4eI9DAKl9ypGXDKeT2o
Requested by: Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 179BE2B5CB574662812C03655BEF5E7C Ref B: DUS30EDGE0822 Ref C: 2024-09-25T09:34:18Z
x-li-fabric: prod-lva1
x-li-uuid: AAYi7lOCSjm5oMs4jm4O6A==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4325708&time=1727256858440&url=https%3A%2F%2Fturnanewleaf.org%2Fdonate%2F&e_ipv6=AQIsPdwRylrRNwAAAZIoiA_5wxEwE1gQ07LAc1b4e1BIna7eccIj4eI9DAKl9ypGXDKeT2o
x-msedge-ref: Ref A: 37D7232AB0B34DFBAA4E3FD2BE700753 Ref B: FRAEDGE2018 Ref C: 2024-09-25T09:34:18Z
x-li-fabric: prod-lva1
x-li-uuid: AAYi7lN+STVpXX51chAfEw==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 25 Sep 2024 09:34:17 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 46ms
44ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1199084356&t=pageview&_s=1&dl=https%3A%2F%2Fturnanewleaf.org%2Fdonate%2F&ul=de-de&de=UTF-8&dt=Donate%20To%20A%20New%20Leaf%20%7C%20End%20Homelessness%20%26%20Domestic%20Violence&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1390093379&gjid=1062005845&cid=1395106163.1727256858&tid=UA-17387119-1&_gid=1024949364.1727256858&_r=1&gtm=457e49n0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035&jsscut=1&npa=1&z=666546063

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://turnanewleaf.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://turnanewleaf.org
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
date: Wed, 25 Sep 2024 09:34:18 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 39ms
38ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1027422224693836&ev=PageView&dl=https%3A%2F%2Fturnanewleaf.org%2Fdonate%2F&rl=&if=false&ts=1727256858523&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1727256858347.350992984943897506&cs_est=true&ler=empty&cdl=API_unavailable&it=1727256858044&coo=false&rqm=GET

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=10, mss=1297, tbw=3184, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 435ms
434ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1027422224693836&ev=PageView&dl=https%3A%2F%2Fturnanewleaf.org%2Fdonate%2F&rl=&if=false&ts=1727256858523&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1727256858347.350992984943897506&cs_est=true&ler=empty&cdl=API_unavailable&it=1727256858044&coo=false&rqm=FGET

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7418511718871680376"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: OQ6GXE/D6WYqQ9IfQKS6yle3XYpQ7Mqulj80MCqa/z1kmVWG/5RfhqFpH2hENCAxIST0IUu5L0Y4Q4TXsEvXUQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7418511718871680376", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=10, mss=1297, tbw=3331, tp=-1, tpl=-1, uplat=394, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 ibmplexsans-v19-600.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame BB44 59 KB
60 KB 234ms
153ms Font
application/octet-stream 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibmplexsans-v19-600.woff2

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7675dc861b83880d95bd74152c397b7a1d8b1adb5caf47b2519a390dd58c3d58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://turnanewleaf.org
Referer: https://turnanewleaf.org/

Response headers

cf-cache-status: HIT
etag: "7bf70a9be49804e68eec46ae565c46ac"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EurR6AnvZE5EA%2BVG%2FYaKRAnzgfLW7rusjG9f7qPBF7XTKEcK26gL9CjBMo3olCl9fTHOlR3ic7WRh%2F%2BciEKM8mtu1M9UMcr%2BV2skfw%2F%2F0N1Pst3qjc%2BG6WxEnbOt8CaJSf4O6%2BhN9VE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 14 Aug 2024 09:42:57 GMT
x-amz-id-2: 080bXIGoNLA54ZbeBy4tpUVzR+INbT5zEQyXCfo/J1q9mkEpHqvdxP3XXvp1mdZiYOGQbXhlGzo=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EM0HPGZ1HRBTED8H
cf-ray: 8c8a0486ce6c3642-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 60464
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 ibmplexsans-v19-400.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame BB44 55 KB
56 KB 244ms
164ms Font
application/octet-stream 104.26.4.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibmplexsans-v19-400.woff2

Requested by

Host: turnanewleaf.org
URL: https://turnanewleaf.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

712ed3429bf093fbc63dafba14a3ed7034a083559f638c7b5247b1c6367907ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://turnanewleaf.org
Referer: https://turnanewleaf.org/

Response headers

cf-cache-status: HIT
etag: "b3d77a069162cf3bc9d1c7fe7ca9b231"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8KaQkIIUQ5iCLO%2BFXAFH0lBU1kQSJ8dytBl9jhdK8IiBjlTfD%2B%2BxqnLCSaWK2bydTz8HaffcwTJ%2FnvWsDECry3QVbQOoahDcOtzItH01AuKYFwXMNwBRjVI1sA%2FYv9Le8f6uOEgZ7A%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
date: Wed, 25 Sep 2024 09:34:18 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 14 Aug 2024 09:42:57 GMT
x-amz-id-2: 7+a94zRXpYIjUL9V2qEvWxsUJdMptMks9cRd4fma8T2VWOckzEgsLLxdrEm5oV9JMSFKuUy9dy4=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EM0SVTFVCZ64MEZ9
cf-ray: 8c8a0486ce6f3642-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56612
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
195 B 138ms
137ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://turnanewleaf.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4F7547295F7045FFBCF5976653528E2F Ref B: FRAEDGE2018 Ref C: 2024-09-25T09:34:18Z
x-li-fabric: prod-lva1
access-control-allow-credentials: true
x-li-uuid: AAYi7lOE0PcAzEh8OHCtcQ==
x-li-proto: http/2
access-control-allow-origin: https://turnanewleaf.org
x-cache: CONFIG_NOCACHE
date: Wed, 25 Sep 2024 09:34:18 GMT
vary: Origin

GET
H3 200 cropped-favicon-512x512-1-32x32.png
turnanewleaf.org/wp-content/uploads/2021/05/ 412 B
649 B 72ms
72ms Other
image/webp 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://turnanewleaf.org/wp-content/uploads/2021/05/cropped-favicon-512x512-1-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff324dd5e48bac6d799a7e090c47b8a1c2d907ad0a4d1c94992e8a3398dbd63c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://turnanewleaf.org/donate/

Response headers

server: cloudflare
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
etag: "668ffead-20d"
cf-cache-status: HIT
cf-ray: 8c8a04896cc858f6-TXL
accept-ranges: bytes
access-control-allow-origin: *
cf-polished: origFmt=png, origSize=525
content-length: 412
date: Wed, 25 Sep 2024 09:34:19 GMT
content-type: image/webp
content-disposition: inline; filename="cropped-favicon-512x512-1-32x32.webp"
vary: Accept
last-modified: Thu, 11 Jul 2024 15:47:57 GMT

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.turnanewleaf.org/	1969-12-31 23:59:59	Name: fundraiseup_stat Value:
.turnanewleaf.org/	1970-01-21 09:23:36	Name: fundraiseup_cid Value: 17272568581537702700
.turnanewleaf.org/	1970-01-21 01:57:12	Name: _gcl_au Value: 1.1.1129027377.1727256858
.turnanewleaf.org/	1970-01-21 01:57:12	Name: _fbp Value: fb.1.1727256858347.350992984943897506
.turnanewleaf.org/	1970-01-21 09:23:36	Name: _ga_NG2M20Y90K Value: GS1.1.1727256858.1.0.1727256858.60.0.0
.turnanewleaf.org/	1970-01-21 09:23:36	Name: _ga Value: GA1.2.1395106163.1727256858
.turnanewleaf.org/	1970-01-20 23:49:03	Name: _gid Value: GA1.2.1024949364.1727256858
.turnanewleaf.org/	1970-01-20 23:47:36	Name: _gat_gtag_UA_17387119_1 Value: 1
.turnanewleaf.org/	1969-12-31 23:59:59	Name: fundraiseup_func Value: {%22t%22:%22.turnanewleaf.org%22%2C%22s%22:%221727256858154%22%2C%22sp%22:1%2C%22x%22:%2220%22}
.linkedin.com/	1970-01-21 08:33:12	Name: bcookie Value: "v=2&fd24cc61-efb9-44df-8c69-0592e99c6583"
.linkedin.com/	1970-01-21 04:06:48	Name: li_gc Value: MTswOzE3MjcyNTY4NTg7MjswMjENnvX6Mp61cFlTAspX4sNWhz05qgSoCW73AyOvf5MV3Q==
.linkedin.com/	1970-01-20 23:49:03	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3350:u=1:x=1:i=1727256858:t=1727343258:v=2:sig=AQFBy_jX66RLPQIz8GngoUQA2RXl1R0Q"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.dafwidget.com
cdn.fundraiseup.com
connect.facebook.net
fndrsp.net
fonts.gstatic.com
jelly-v6.mdhv.io
jelly.mdhv.io
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
snap.licdn.com
static.addtoany.com
static.fundraiseup.com
stats.g.doubleclick.net
turnanewleaf.org
www.anewleaftaxcredit.org
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.turnanewleaf.org
104.26.4.251
13.107.42.14
141.193.213.11
142.250.186.163
15.197.225.128
157.240.0.6
172.217.16.195
172.67.39.148
188.114.97.3
2001:4860:4802:32::36
2001:4860:4802:34::15
216.239.32.21
23.21.33.87
2620:1ec:21::14
2a00:1450:4001:828::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9b
2a02:26f0:480:15::213:7e4a
2a03:2880:f177:185:face:b00c:0:25de
033136b0ea791f68ecbba2e90a56d9009bcca5c736d9b508f7863c4e2e65e038
0ebe2359f7106a99a4d5f17f482ca7efe495dcc7090fb121f56f8cf0055d562e
1857d05326665ebd708e4d65d2274ccabc9884d38b35d5bece41e65880b7a3a6
1a39da6449689e0d089b64e7888987fff06edb9f50f9aa43dbf6b861fef0a1dd
1c64c14fa68916dba409ddf0e38ca5dc8bd262b959a5814ecb6667096b35efa5
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
1d5b19f81ae284a59aee36257fc8b157c4f48a99ef5692b038adb56ec48d09bb
1e240d7e1922158deaf28604c08f94bf425eeb83337eced1a220dfa3272f6d62
1f1f650a37d0a06f0d6470a2d421eaef1bbabf38a3b8971e3a38a8eb43eff07d
207bda4ee6a13061b6844abb9e40e48813914b1d6c934d021a09b240de156446
243aa33711fbd2168d4ad2fcbff798e4d9313ec3aada4328c0dfedb93ab69e9c
26b616ee5e3ad2b15308b377d0a414f65004810bfad392df823237d1505636a6
33716e4baaa85babc30a745ddcde50a777034bae05d52d72a3d9f6eb63d4caf1
34463eacf6e58258159239a58cbc00efaa9c9d939ece148575466969733251a6
3666f6584d5e2fa222db2ddce0a20d8b1f8a61141b6fe71df44e6cd2652e0d90
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
47d21bec11514b5e3fc172cc09decfba9ce21282859216dbcd4e3b80ce15a057
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3ee1f4e6c609590f6ab593345e11e0187d3b33c80a5d72abb2fd59609673f5
4f5a2d3db6d5ff7574b6a6912d6fdc22b32546f95f9514a7ff38716e2a9749d7
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5bdcc9e3e427ad3a787ec7efe46d8c305e880eb44402c0000ff52f17ef6b0cdb
60fdb71fd9f8cdd606a7739d45a88dd929dbcf1cafa50b0a2da04e78b93ff636
68fdc316e5a11d1e2430511eaf2b62d8a1b8de21814924a567473ecb3c4b4fae
6951eec0a8c0c9b2eab72c4f579765e0f190165822919ddc791bb391096fd7c0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d9ef12a801642d466a17e548ce8e32a3f94d13efa7d99732d4a6933ffd9a6f5
712ed3429bf093fbc63dafba14a3ed7034a083559f638c7b5247b1c6367907ba
72c5a762c06b80d7803bda03b4ed6304fe51c1484b70bad0cb873881ae1bb8d6
732d898b761e58cbe67c727ac7702adac9e2bcfb28a1a7cf493182671018c05a
7554067cb86a1900f173cc3876825fae285542c4b40852c00ecccfff6e53db3e
7675dc861b83880d95bd74152c397b7a1d8b1adb5caf47b2519a390dd58c3d58
7e2458659281c1a9c12342e4c3b7b5959d2e2087c967378ac8981c0fbf462634
7f35a8b4eaabe41900b24a60ca1b3d6081d8bd6aa9a5b6c0de4c246306e3ce82
82cde214cf2d2e85bbdfca3c6fe1921cd21130d4976a84ac72c66be74e72ee4e
862abcea7228f65c6f872282fb345e045964c5672d8b762d6e98fdc73f213e40
87c47e0a1ad58e25d7cf0f510b0b6fa454f9b547bd9a568eda091581cd215865
896d5aa36b3ca8d27c8dab83f8e77a30bf3332e7c730486b33f03bfdcf85454c
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8a40e3761cd0d1648f8092e965ddbb6daa4ea9c06356d11168d6f14f26281ea5
8aa9795791363a807ea05952a52f17eb7113b17bded421d70c53129364d7a262
8f7efd89716cbe10fed006df1fdbdd6c67ed7915a5cb8e04bb38b009f9ecc11b
90315ff61a61d025e12fdb0d9908e40532066057ae98b8607f52305d19a80733
96d318b8502f3585f28017a222ad4f22bdd3a02ecd72f5abe3821c1e5f03cd4b
979be6bf2edccda914ace9029634ef66f5d73a7463cb19f5719123734c780421
9acfbb18ba9618520652d5e230a1f334689f1415bcbc860f32870088e91eefe6
a175fa763931095ab661c66a6f529cd260b0fec8ecafb98153fb3a80bb1cbb66
a6aa07b1db07726a1368a8307a8f36d54b3a4f6a056e9701455ef21aecd171e7
a6aea90164a685a02afe0e574bb4c668c83a4b6cdff9ab4b09b0ecbd53e4fd66
a7fee4e48e4aca8bf572c3ab69eb021190c8f67b5ea3bfb5c42799d309c603cd
a9249291f6a7e3929fecd56962398d89367f689f4e4523bd9219e2b4756e9a19
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aad7dab692894c6a3d05b01a0fe14f0992660216c2bb8c9d826868c081a4b1e2
ad723a2728411381ad7b709209d559f28221d97aea003ab94affb02e631e66df
b4d9b5f545245d9781d491989a77089f380de3a58898ea70116cc59f61257e92
b5cec8800ffe6b92993466f61ec4f4d5ee6dee946a942b9356559821585fb650
b6aed488d128d02850cfb20b4de28a2eceffddd04342f413bbe88a141235a976
ba2eeab126375c9cc2fabe9a6fe35f25dea57c52df280e6e24a790f5f45be878
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcf09cc89b32cabd4db68ece97da899835b48f536487a7d7e86abeb82381f596
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d050d855f676af402d84d7957533b11e77c8f70d3d8b7110c4fdd8c1d41c64be
d07ac60d7d494f8688e4844d51b988f6a2f95b5e9435880e628eb8966e091382
d0935719ca1b5ddd0342908d6075e926366b12d1ce2883a8a736e780100da192
d4044905901059df0d01f00bdacfc38eec26c3fc256494ef88920ea22a03c889
d77daccc9ecdbfee1151c63e1b1739bd307af80a4a61d4330f1b3257d3a425e2
d941abaa1c3e1a6da66e5a4eb0ba6a5e52c910591fc656e5de987e6a96e3a9c4
dc8ac6a027bef5a402f2205a960535ff51064c87f68f7123375a539b488f253b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7edeec6e066186075ac68ad8a19e3989cb0381589e8a145a79861dcecfdf24d
e8f3946c01da86dd72352e7e1e71badb9c0030f1980ed552901f69cec0248972
ec07b8668e4cb130a4cd577b925207d0e029cb6857252ccde6e8de9a5e1c441f
ec87bf85af37eb1e44b799a0a119b6470fb81cdab624d9060ab36958ea299516
ee988caec16e0465e6694e06d321e5ad04d77b90a5100f78acd57f9aa92bb929
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2bca20ccf783582e1de925bdecff0c2c8573a10d4a3ce511bdf288dbd44f2c3
f665450a94db55dc1d8f0c43d476eb530eeb9019a083a8bc205a72e82f36ef7e
f6e8f9efafcfc82b3beae494a541e19e2ee52d9e6bd4a605e2b9586fb2721cdb
fb34f28afb0b0274a8d71f226f0694ed432e1c34ce828e1bc2389187c3d12132
fc28654bf4d567cdbc91b5089345699eb8fff900d723b6dc635631eb0cb26fe5
ff324dd5e48bac6d799a7e090c47b8a1c2d907ad0a4d1c94992e8a3398dbd63c

turnanewleaf.org Open in urlscan Pro 141.193.213.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

93 Requests

97 %HTTPS

42 %IPv6

17 Domains

21 Subdomains

18 IPs

5 Countries

1834 kBTransfer

5774 kBSize

12 Cookies

11 Outgoing links

Page URL History

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

turnanewleaf.org Open in urlscan Pro
141.193.213.11 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

97 %
HTTPS

42 %
IPv6

17
Domains

21
Subdomains

18
IPs

5
Countries

1834 kB
Transfer

5774 kB
Size

12
Cookies

93 HTTP transactions
3 data transactions