secure.roomtoread.org Open in urlscan Pro
2606:4700::6812:1084 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ca.engagingnetworks.app/page/email/click/2258/6330934
Effective URL:
https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2...
Submission: On March 31 via api (March 31st 2023, 6:39:50 am UTC) from IE — Scanned from DE

Summary HTTP 96 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 26 domains to perform 96 HTTP transactions. The main IP is 2606:4700::6812:1084, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.roomtoread.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2022. Valid for: a year.

This is the only time secure.roomtoread.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 7	2606:4700::68... 2606:4700::6812:1084	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
3	23.96.109.67 23.96.109.67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	99.86.4.9 99.86.4.9	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.78 13.32.121.78	16509 (AMAZON-02) (AMAZON-02)
13	23.35.236.213 23.35.236.213	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a04:4e42:8d:... 2a04:4e42:8d::720	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6812:1344	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::282	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:e::210:f104	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.147.122 18.66.147.122	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700:20:... 2606:4700:20::ac43:4adc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:a13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
8	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	99.81.23.58 99.81.23.58	16509 (AMAZON-02) (AMAZON-02)
1	54.187.57.130 54.187.57.130	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
96	34

7 2606:4700::6812:1084 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ca.engagingnetworks.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.roomtoread.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.96.109.67 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-9.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-78.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.35.236.213 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-213.deploy.static.akamaitechnologies.com

aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42:8d::720 (United States)

ASN54113 (FASTLY, US)

air-prod.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1344 (United States)

ASN13335 (CLOUDFLARENET, US)

geoip-js.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:e::210:f104 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-122.fra60.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4adc (United States)

ASN13335 (CLOUDFLARENET, US)

loader.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
activity.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a13 (United States)

ASN13335 (CLOUDFLARENET, US)

popup.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.23.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-23-58.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.57.130 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-57-130.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	rackcdn.com aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com — Cisco Umbrella Rank: 100593	787 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	309 B
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1078 c.clarity.ms — Cisco Umbrella Rank: 1636 d.clarity.ms — Cisco Umbrella Rank: 57361	22 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	558 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1244 q.stripe.com — Cisco Umbrella Rank: 7928 m.stripe.com — Cisco Umbrella Rank: 1249	113 KB
6	imgix.net air-prod.imgix.net — Cisco Umbrella Rank: 624183	1 MB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 517 p.typekit.net — Cisco Umbrella Rank: 654	125 KB
6	roomtoread.org 1 redirects secure.roomtoread.org	81 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	459 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	29 KB
4	wisepops.com loader.wisepops.com — Cisco Umbrella Rank: 13330 popup.wisepops.com — Cisco Umbrella Rank: 16110 activity.wisepops.com — Cisco Umbrella Rank: 16185	24 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 407 c.bing.com — Cisco Umbrella Rank: 252	14 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 677 script.hotjar.com — Cisco Umbrella Rank: 927 in.hotjar.com — Cisco Umbrella Rank: 2080	72 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
3	doublethedonation.com doublethedonation.com — Cisco Umbrella Rank: 70869	113 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1316	17 KB
2	geoip-js.com geoip-js.com — Cisco Umbrella Rank: 14230	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5216	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 100	353 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	71 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1464	659 B
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 17103	41 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 756	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	926 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1071	46 KB
1	engagingnetworks.app 1 redirects ca.engagingnetworks.app — Cisco Umbrella Rank: 221402	692 B
96	26

	Domain	Requested by
13	aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com	secure.roomtoread.org aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com
8	www.facebook.com	secure.roomtoread.org
6	www.gstatic.com	www.google.com www.gstatic.com
6	air-prod.imgix.net	secure.roomtoread.org
6	secure.roomtoread.org	1 redirects secure.roomtoread.org
5	connect.facebook.net	secure.roomtoread.org connect.facebook.net
5	www.google.com	secure.roomtoread.org www.gstatic.com www.google.com
5	use.typekit.net	secure.roomtoread.org use.typekit.net
3	d.clarity.ms	www.clarity.ms
3	bat.bing.com	www.googletagmanager.com bat.bing.com secure.roomtoread.org
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	q.stripe.com	secure.roomtoread.org
3	js.stripe.com	secure.roomtoread.org js.stripe.com
3	doublethedonation.com	secure.roomtoread.org doublethedonation.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	activity.wisepops.com	loader.wisepops.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	geoip-js.com	secure.roomtoread.org geoip-js.com
1	c.bing.com	1 redirects
1	fonts.gstatic.com	www.google.com
1	m.stripe.com	m.stripe.network
1	in.hotjar.com	script.hotjar.com
1	www.google.de	secure.roomtoread.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	popup.wisepops.com	loader.wisepops.com
1	script.hotjar.com	static.hotjar.com
1	loader.wisepops.com	secure.roomtoread.org
1	static.hotjar.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
1	www.googletagmanager.com	secure.roomtoread.org
1	polyfill.io	secure.roomtoread.org
1	cdn.plaid.com	secure.roomtoread.org
1	code.jquery.com	secure.roomtoread.org
1	fonts.googleapis.com	secure.roomtoread.org
1	www.googleoptimize.com	secure.roomtoread.org
1	ca.engagingnetworks.app	1 redirects
96	37

This site contains links to these domains. Also see Links.

Domain
www.roomtoread.org
www.impactguru.com

Subject Issuer	Validity	Valid
secure.roomtoread.org Cloudflare Inc ECC CA-3	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
doublethedonation.com Sectigo ECC Domain Validation Secure Server CA	`2022-06-03` - `2023-07-04`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
*.ssl.cf5.rackcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-23` - `2024-01-22`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-05` - `2024-04-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-07` - `2023-04-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Frame ID: 2B87FADC4A57583B39A530084F8332B2
Requests: 81 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 1B13B0147C6AC9419EA20D91B4807971
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 822A145C6F604D137148BC68D56BAF9B
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H&co=aHR0cHM6Ly9zZWN1cmUucm9vbXRvcmVhZC5vcmc6NDQz&hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&size=normal&cb=nh3221607i7m
Frame ID: 6F8396AF9DD37C07F75AEB13D5C2C864
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H
Frame ID: F926C65C659D7929E0F4BDAC994D0D5A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Make a donation

Page URL History Show full URLs

https://ca.engagingnetworks.app/page/email/click/2258/6330934 HTTP 307
https://secure.roomtoread.org/page/email/redirect?campaignpageurl=https%3A%2F%2Fsecure.roomtoread.org%2Fpa... HTTP 307
https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Pag... Page URL

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

96
Requests

99 %
HTTPS

64 %
IPv6

26
Domains

37
Subdomains

34
IPs

5
Countries

4068 kB
Transfer

8737 kB
Size

35
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.roomtoread.org/

Search URL Search Domain Scan URL

URL: https://www.roomtoread.org/support-education/ways-to-give/
Title: Other Ways to Give

Search URL Search Domain Scan URL

URL: https://www.impactguru.com/fundraiser/help-room-to-read
Title: click here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ca.engagingnetworks.app/page/email/click/2258/6330934 HTTP 307
https://secure.roomtoread.org/page/email/redirect?campaignpageurl=https%3A%2F%2Fsecure.roomtoread.org%2Fpage%2F119893%2Fdonate%2F1%3Fea.tracking.id%3D2023_March_Email_Newsletter_Donation_Page%26utm_source%3DMarch_2023_Newsletter%26utm_medium%3Demail%26utm_campaign%3DNewsletter%26utm_content%3DDonation_Page_Footer%26utm_term%3DDonor_And_Lead%26ea.url.id%3D6330934 HTTP 307
https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=84710BDC2CCD4647902C4A004E7DE2CD&RedC=c.clarity.ms&MXFR=0AF2004E42A664F001A312AB46A66A1B HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=84710BDC2CCD4647902C4A004E7DE2CD&MUID=38D16D3800EB62B33F107FDD01806369

96 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1 Show response
secure.roomtoread.org/page/119893/donate/
Redirect Chain

https://ca.engagingnetworks.app/page/email/click/2258/6330934
https://secure.roomtoread.org/page/email/redirect?campaignpageurl=https%3A%2F%2Fsecure.roomtoread.org%2Fpage%2F119893%2Fdonate%2F1%3Fea.tracking.id%3D2023_March_Email_Newsletter_Donation_Page%26utm...
https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Don...

58 KB
13 KB

187ms
187ms

Document
text/html

2606:4700::6812:1084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1084 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b51c1cc9898cd208a346503410106cf705dc5c69ec7679e8c212dc466db09a2e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7b0698c9888290ec-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Fri, 31 Mar 2023 06:39:43 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7b0698c6de1d90ec-FRA
content-length: 0
date: Fri, 31 Mar 2023 06:39:43 GMT
location: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 117 KB
46 KB 43ms
19ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-P9NJJTB

Requested by

Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2607a185d61b6f7c82a33121597996e0afed7fee984c437e911ee43983944812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46338
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 31 Mar 2023 06:39:43 GMT

GET
H2 200 ukb0clv.css
use.typekit.net/ 5 KB
1 KB 55ms
13ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ukb0clv.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

1050d345a30f04c2e73107102484570ac4f59903263329b2767810f0f009c00b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 31 Mar 2023 06:39:43 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 866

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
926 B 39ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Pangolin&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb42e9624cf43711e73a91ee15ce9ad4ab7c644245ec0ddd34d5d783189e3bc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 31 Mar 2023 06:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 06:39:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 31 Mar 2023 06:39:43 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 54ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:43 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1680244783.dop147.fr8.t,1680244783.cds056.fr8.hn,1680244783.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 enPage.css
secure.roomtoread.org/pageassets/css/ 45 KB
9 KB 417ms
415ms Stylesheet
text/css 2606:4700::6812:1084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.roomtoread.org/pageassets/css/enPage.css?v=4.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1084 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3164c6a1238073e973cf4b7d73c539736de5933498279bb75a501dce944ff96

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Mar 2023 16:12:46 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1800
cf-ray: 7b0698cab97990ec-FRA
expires: Fri, 31 Mar 2023 07:09:44 GMT

GET
H2 200 ddplugin.css
doublethedonation.com/api/css/ 154 KB
21 KB 375ms
181ms Stylesheet
text/css 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/css/ddplugin.css
Requested by: Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: fe63a0bc548ebb27d59fe1a01b00dc7dde7c5c108182c65c4ab62a4b0640797d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 16:35:14 GMT
server: nginx
etag: "6425ba42-5295"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=3600;
content-length: 21141

GET
H2 200 pagedata.js Show response
secure.roomtoread.org/page/119893/ 29 KB
4 KB 137ms
135ms Script
text/javascript 2606:4700::6812:1084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.roomtoread.org/page/119893/pagedata.js?locale=en-US&ea.profile.id=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1084 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fb91ae4922a081c07d18c91fd9309fd9976334d2ade10772833c6892dcc886

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b0698cab97a90ec-FRA
content-type: text/javascript

GET
H2 200 enPage.js Show response
secure.roomtoread.org/pageassets/js/ 181 KB
54 KB 237ms
235ms Script
application/javascript 2606:4700::6812:1084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.roomtoread.org/pageassets/js/enPage.js?v=4.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1084 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9edde1d29fe692e62cc52b86db8a13dc2c34d6d5f75e69b98d77a30a7326de3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Mar 2023 16:12:46 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 7b0698cab97b90ec-FRA
expires: Fri, 31 Mar 2023 07:09:43 GMT

GET
H2 200 ddplugin.js Show response
doublethedonation.com/api/js/ 432 KB
92 KB 464ms
272ms Script
text/javascript 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/js/ddplugin.js
Requested by: Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e715867b765ec2e09cc3d038600ae8ee3bfba3a51fa6354b5d47863ae6c5108

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 16:35:13 GMT
server: nginx
etag: "6425ba41-16ef2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=3600;
content-length: 93938

GET
H2 200 / Show response
js.stripe.com/v3/ 452 KB
109 KB 54ms
8ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

90c1754146fc632ef8649ab3f4dd672430d5f9ba8cf0024c32885838f052ba36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 31 Mar 2023 06:39:23 GMT
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 21
x-cache: Hit from cloudfront
last-modified: Thu, 30 Mar 2023 20:35:18 GMT
server: Cloudfront
etag: W/"ed997a2348184ecc5728d9c5d352fa30"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: HAAwKfTffJXK5QTz1d7QrsfZuQ_Bu4AhTjCHclbGyjLO3tvXPJtMnA==

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 132 KB
41 KB 55ms
29ms Script
application/javascript 13.32.121.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-78.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e31bf0a97e9d9f9ec38f7d3fbaceaa3c6456448229f9c362af0231e5df06b59d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 20:03:23 GMT
x-amz-version-id: ukSlCJMhtK1k6wkZQ9q0q2lg2dOIVV9h
content-encoding: gzip
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
x-amz-request-id: 3ES1CZA432NAPJJR
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
age: 38181
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: Dxt5TShPk74b9lxBi5MuNfPT3u1zJhziK0Rb4wYm3eXh4jYvYPtHlP3zUJsmoy2SudEsbsAyojY=
last-modified: Thu, 30 Mar 2023 19:49:22 GMT
server: AmazonS3
etag: W/"6d7395409787444380af8562c011694d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: vyjjF5HrgrnJSuSvxfX6cVqWO2Bpfl-Fw7BUVnLFVpP6RDnLKsT4Gg==

GET
H/1.1 200
OK styles.css
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/ 475 KB
56 KB 93ms
26ms Stylesheet
text/css 23.35.236.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/styles.css?v=1651790186000
Requested by: Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-213.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 534283175e2f5d20d04445cb9755365628ff832cdb2305a38261535e182c683f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 31 Mar 2023 06:39:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 May 2022 15:49:42 GMT
ETag: f1bc0bd32ea1ea109cb3ad8180626c64
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
X-Timestamp: 1653061781.23344
Cache-Control: public, max-age=372
X-Object-Meta-Enid: 1653061780980
Accept-Ranges: bytes
Connection: keep-alive, Transfer-Encoding
X-Trans-Id: tx0480073ed2dc4dda9d3e4-0064267e26iad3
Expires: Fri, 31 Mar 2023 06:45:55 GMT

GET
H/1.1 200
OK logo-mobile.png
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/ 5 KB
5 KB 14ms
13ms Image
image/png 23.35.236.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/logo-mobile.png?v=1622056116000
Requested by: Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-213.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c5c32268a63d52d9e204346e9ca3ae79145ad2faecb55a77d65367b748a63f71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 31 Mar 2023 06:39:44 GMT
Last-Modified: Wed, 26 May 2021 19:08:37 GMT
ETag: 48dffeba13e4d961df0163c0a187dc03
Content-Type: image/png
X-Timestamp: 1622056116.63149
Cache-Control: public, max-age=389
X-Object-Meta-Enid: 1622056116433
Accept-Ranges: bytes
Connection: keep-alive
X-Trans-Id: tx22d4c04dbe49453686280-0064267e28iad3
Content-Length: 4710
Expires: Fri, 31 Mar 2023 06:46:13 GMT

GET
H/1.1 200
OK logo.png
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/ 4 KB
5 KB 14ms
13ms Image
image/png 23.35.236.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/logo.png?v=1622056108000
Requested by: Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-213.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2ce17583e0e2a19cb10b03ed86513f56ecbbd10c27f31ef48e07bf4cf9907c2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 31 Mar 2023 06:39:44 GMT
Last-Modified: Wed, 26 May 2021 19:08:29 GMT
ETag: 23eae9e3dfdc27caec3820b544edef2a
Content-Type: image/png
X-Timestamp: 1622056108.11281
Cache-Control: public, max-age=335
X-Object-Meta-Enid: 1622056107856
Accept-Ranges: bytes
Connection: keep-alive
X-Trans-Id: tx31b3364d2c4c45b7ac361-0064267e27iad3
Content-Length: 4179
Expires: Fri, 31 Mar 2023 06:45:19 GMT

GET
H/1.1 200
OK hero.jpg
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/ 231 KB
231 KB 18ms
15ms Image
image/jpeg 23.35.236.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/hero.jpg?v=1621537529000
Requested by: Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-213.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0d411b517e925d6371f5823697936a16272e7a2a232dc7b4d9c089a10b47d564

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 31 Mar 2023 06:39:44 GMT
Last-Modified: Thu, 20 May 2021 19:05:28 GMT
ETag: 9dbae2e1852f099fad0ef8f65ec3db88
Content-Type: image/jpeg
X-Timestamp: 1621537527.83591
Cache-Control: public, max-age=389
X-Object-Meta-Enid: 1621537527595
Accept-Ranges: bytes
Connection: keep-alive
X-Trans-Id: tx35d21386c4394fbc9a3aa-0064267e27iad3
Content-Length: 236225
Expires: Fri, 31 Mar 2023 06:46:13 GMT

GET
H/1.1 200
OK nealcandidseal.png
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/ 12 KB
13 KB 28ms
14ms Image
image/png 23.35.236.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/nealcandidseal.png?v=1669819026000
Requested by: Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-213.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f311af03f38ee45a63e4cfee6f4f9cfc70ce1aa64d01d83d804c879db02f4efe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 31 Mar 2023 06:39:44 GMT
Last-Modified: Wed, 30 Nov 2022 14:37:07 GMT
ETag: c04ef2995a6e1d24a42abd7122a50239
Content-Type: image/png
X-Timestamp: 1669819026.51402
Cache-Control: public, max-age=304
X-Object-Meta-Enid: 1669819026278
Accept-Ranges: bytes
Connection: keep-alive
X-Trans-Id: txd62df39e01d34ac4a8392-0064267e27iad3
Content-Length: 12676
Expires: Fri, 31 Mar 2023 06:44:48 GMT

GET
H/1.1 200
OK Four-Star+Rating+Badge+-+Full+Color.png
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/ 92 KB
92 KB 42ms
14ms Image
image/png 23.35.236.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/Four-Star+Rating+Badge+-+Full+Color.png?v=1668701113000
Requested by: Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-213.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 515743f383ac6798cfa240140eae4220989c11ec84d0d3ea574bae4783ea9655

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 31 Mar 2023 06:39:44 GMT
Last-Modified: Thu, 17 Nov 2022 16:05:13 GMT
ETag: 5f53b8148363a3475542f638f8c63d5d
Content-Type: image/png
X-Timestamp: 1668701112.93829
Cache-Control: public, max-age=380
X-Object-Meta-Enid: 1668701112728
Accept-Ranges: bytes
Connection: keep-alive
X-Trans-Id: tx69a931533b1449b29f0cc-0064267e27iad3
Content-Length: 94105
Expires: Fri, 31 Mar 2023 06:46:04 GMT

GET
H/1.1 200
OK r2r-mr-test-js.js Show response
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/ 2 KB
1 KB 17ms
17ms Script
application/x-javascript 23.35.236.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/r2r-mr-test-js.js?v=1664919903000
Requested by: Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-213.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 57b1c40c4f171e27065e0c8bf7aa2c608bca640d7875da00449233301e0eb042

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 31 Mar 2023 06:39:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Oct 2022 21:45:04 GMT
ETag: aa6697404e7591e1f4270a284e846b69
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Timestamp: 1664919903.62298
Cache-Control: public, max-age=329
X-Object-Meta-Enid: 1664919903407
Accept-Ranges: bytes
Connection: keep-alive
X-Trans-Id: tx96b7c7db77bc42b998401-0064267e27iad3
Content-Length: 892
Expires: Fri, 31 Mar 2023 06:45:13 GMT

GET
H/1.1 200
OK r2r-mr-test-css.css
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/ 8 KB
2 KB 15ms
15ms Stylesheet
text/css 23.35.236.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/r2r-mr-test-css.css?v=1669908756000
Requested by: Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-213.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 66eeb39614b226a48bcedbdd1a391113f23279e9b19f52359d7327ea6fa6b35c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 31 Mar 2023 06:39:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Dec 2022 15:32:37 GMT
ETag: 5cadf0dca3f897eee09687601486f74f
Vary: Accept-Encoding
Content-Type: text/css
X-Timestamp: 1669908756.25766
Cache-Control: public, max-age=356
X-Object-Meta-Enid: 1669908756055
Accept-Ranges: bytes
Connection: keep-alive
X-Trans-Id: tx6fdd5849946e4b20aacde-0064267e27iad3
Content-Length: 2063
Expires: Fri, 31 Mar 2023 06:45:40 GMT

GET
H2 200 9726dfdc-9d72-4df5-902d-7b8255d4fe48.jpg
air-prod.imgix.net/ 390 KB
390 KB 71ms
28ms Image
application/octet-stream 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://air-prod.imgix.net/9726dfdc-9d72-4df5-902d-7b8255d4fe48.jpg?

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

4301d8480f9d65b17e3d218e8ad8e074326a1bc742778f05186f400cd5c7eb60

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
x-content-type-options: nosniff
age: 4734976
x-cache: HIT, HIT
x-imgix-id: 12353b56e660f63bf2df803d8772eabab699c7b8
cross-origin-resource-policy: cross-origin
content-length: 399124
x-served-by: cache-sjc10031-SJC, cache-fra-eddf8230074-FRA
x-imgix-render-farm: 01.584
last-modified: Fri, 30 Jul 2021 21:50:40 GMT
server: imgix
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 3dee2f77-047c-4722-bdfd-7f77e6e7b7a8.jpg
air-prod.imgix.net/ 256 KB
256 KB 56ms
14ms Image
application/octet-stream 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://air-prod.imgix.net/3dee2f77-047c-4722-bdfd-7f77e6e7b7a8.jpg?

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

8c326e4c04a104fc5206b74659728ad6242acbe14eb175a8aef4f1c0fe5fdb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
x-content-type-options: nosniff
age: 877216
x-cache: HIT, HIT
x-imgix-id: fbb4710548a26db8e6735f88dd617562dcc8ee9a
cross-origin-resource-policy: cross-origin
content-length: 262069
x-served-by: cache-sjc10071-SJC, cache-fra-eddf8230074-FRA
x-imgix-render-farm: 01.9288
last-modified: Fri, 30 Jul 2021 21:56:34 GMT
server: imgix
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 974f71ec-7310-4fe5-8f4b-dc18989d2cdb.jpg
air-prod.imgix.net/ 194 KB
194 KB 55ms
13ms Image
application/octet-stream 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://air-prod.imgix.net/974f71ec-7310-4fe5-8f4b-dc18989d2cdb.jpg?

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

047298ce9e9b965f753723f866c9a032527dd7f1a8564611c4218b6ec6dd6e73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
x-content-type-options: nosniff
age: 1220888
x-cache: HIT, HIT
x-imgix-id: 77e8c76a6044899aba37d423b57278513c5f7992
cross-origin-resource-policy: cross-origin
content-length: 198269
x-served-by: cache-sjc10052-SJC, cache-fra-eddf8230074-FRA
x-imgix-render-farm: 01.9288
last-modified: Fri, 30 Jul 2021 22:08:09 GMT
server: imgix
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 04a8d739-fd73-41c4-8488-14a54d291e37.jpg
air-prod.imgix.net/ 204 KB
204 KB 56ms
13ms Image
application/octet-stream 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://air-prod.imgix.net/04a8d739-fd73-41c4-8488-14a54d291e37.jpg?

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

15f86a05fd5a37445fc69672e9a3c3b693d1cbec3c0be3f7fd27c0f91be42b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
x-content-type-options: nosniff
age: 918167
x-cache: HIT, HIT
x-imgix-id: eee8d23237bdb249da6f13d72100eaa07a1f1f39
cross-origin-resource-policy: cross-origin
content-length: 208945
x-served-by: cache-sjc10080-SJC, cache-fra-eddf8230074-FRA
x-imgix-render-farm: 01.8776
last-modified: Fri, 30 Jul 2021 22:13:41 GMT
server: imgix
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cd7b42d4-acb4-4bb9-8185-f5613f09f09e.jpg
air-prod.imgix.net/ 169 KB
170 KB 71ms
28ms Image
application/octet-stream 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://air-prod.imgix.net/cd7b42d4-acb4-4bb9-8185-f5613f09f09e.jpg?

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

618cc8cab1b922a9b205636c663772b89dd8044cd6f354ad17c47e9d6053a5ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
x-content-type-options: nosniff
age: 539735
x-cache: HIT, HIT
x-imgix-id: d69667eba263efdfabfc7d1dec7436f58773c55b
cross-origin-resource-policy: cross-origin
content-length: 173386
x-served-by: cache-sjc10055-SJC, cache-fra-eddf8230074-FRA
x-imgix-render-farm: 01.9288
last-modified: Fri, 30 Jul 2021 22:16:42 GMT
server: imgix
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 809683c7-5f00-4e7e-89f2-422308a2f4d4.jpg
air-prod.imgix.net/ 224 KB
225 KB 55ms
13ms Image
application/octet-stream 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://air-prod.imgix.net/809683c7-5f00-4e7e-89f2-422308a2f4d4.jpg?

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

1a4bd5daee74a89ef2432a924d2821bc0079153b8e8448b9935fcf54d6bfc60f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
x-content-type-options: nosniff
age: 245262
x-cache: HIT, HIT
x-imgix-id: 3f329a94575b46180665115b3db2699f7eec927c
cross-origin-resource-policy: cross-origin
content-length: 229854
x-served-by: cache-sjc10066-SJC, cache-fra-eddf8230074-FRA
x-imgix-render-farm: 01.8776
last-modified: Fri, 30 Jul 2021 22:22:30 GMT
server: imgix
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK Children.jpg
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/ 199 KB
199 KB 27ms
13ms Image
image/jpeg 23.35.236.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/Children.jpg?v=1628264592000
Requested by: Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-213.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d39f042a53072262e4adb9814f5bf5097c473d8258ebbbb5f38fdf79f657caf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 31 Mar 2023 06:39:44 GMT
Last-Modified: Fri, 06 Aug 2021 15:43:13 GMT
ETag: 4bbaca2ea8c6466961797f273f2e6dd7
Content-Type: image/jpeg
X-Timestamp: 1628264592.42405
Cache-Control: public, max-age=331
X-Object-Meta-Enid: 1628264592152
Accept-Ranges: bytes
Connection: keep-alive
X-Trans-Id: txadd9899011b84588a2813-0064267e27iad3
Content-Length: 203308
Expires: Fri, 31 Mar 2023 06:45:15 GMT

GET
H/1.1 200
OK logo-footer.svg
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/ 52 KB
37 KB 18ms
18ms Image
image/svg+xml 23.35.236.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/logo-footer.svg?v=1621537488000
Requested by: Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-213.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4b46163256e18d1e0ff5e2c7b58be5562fe5d7f20119b6fb9923e876aa79c082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 31 Mar 2023 06:39:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 May 2021 19:04:49 GMT
ETag: 245358d0794cc832c5796c7ff8bd9662
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Timestamp: 1621537488.37153
Cache-Control: public, max-age=341
X-Object-Meta-Enid: 1621537488142
Accept-Ranges: bytes
Connection: keep-alive
X-Trans-Id: txf0c7316dd9e8454199a37-0064267e28iad3
Content-Length: 37477
Expires: Fri, 31 Mar 2023 06:45:25 GMT

GET
H2 200 geoip2.js Show response
geoip-js.com/js/apis/geoip2/v2.1/ 3 KB
2 KB 54ms
16ms Script
application/javascript 2606:4700::6812:1344
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geoip-js.com/js/apis/geoip2/v2.1/geoip2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1344 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94a96a4fc313fe6dfba290ed6bc0e802eaab40810e59032a06f6774553b1c6ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 18:30:57 GMT
server: cloudflare
age: 1451
etag: W/"6425d561-da4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=43200
cf-ray: 7b0698cdc9fd37d7-FRA
expires: Fri, 31 Mar 2023 18:39:44 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
659 B 28ms
7ms Script
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=Element.prototype.closest%2CURLSearchParams%2CElement.prototype.classList%2CElement.prototype.remove%2CElement.prototype.nextElementSibling

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 31 Mar 2023 06:39:44 GMT
age: 187413
detected-user-agent: Chrome Mobile/111.0.0
useragent_normaliser: chrome/111.0.0
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
last-modified: Sun, 05 Mar 2023 16:54:09 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/111.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK vendor.js Show response
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/ 261 KB
61 KB 24ms
24ms Script
application/x-javascript 23.35.236.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/vendor.js?v=1659641728000
Requested by: Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-213.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6faa7bfc51037e5326bec668b5c5b79b3540c6a81dd0bab768b12a53562a8d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 31 Mar 2023 06:39:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Aug 2022 19:35:29 GMT
ETag: dff0da0ff2e49d2090bd028c60a28682
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
X-Timestamp: 1659641728.74332
Cache-Control: public, max-age=300
X-Object-Meta-Enid: 1659641728455
Accept-Ranges: bytes
Connection: keep-alive, Transfer-Encoding
X-Trans-Id: txd73aced999964b8dbffdf-0064267e28iad3
Expires: Fri, 31 Mar 2023 06:44:44 GMT

GET
H/1.1 200
OK scripts.min.js Show response
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/ 286 KB
74 KB 24ms
22ms Script
application/x-javascript 23.35.236.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/scripts.min.js?v=1660840530000
Requested by: Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-213.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b48962ce9d77e6d174f34d8678630dacdade1edf5d899c854da1736c41108599

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 31 Mar 2023 06:39:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Aug 2022 16:35:31 GMT
ETag: dd0d219a7d69240f0e36fcc13fb594c0
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
X-Timestamp: 1660840530.40615
Cache-Control: public, max-age=408
X-Object-Meta-Enid: 1660840530205
Accept-Ranges: bytes
Connection: keep-alive, Transfer-Encoding
X-Trans-Id: txe227b984d7b34662a157c-0064267e27iad3
Expires: Fri, 31 Mar 2023 06:46:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 210 KB
71 KB 39ms
15ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBFNT8M

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84860a93c01d56a42f17188fddd0dd6ae23b6c746e3f0fbfccdbd8dfc5f570eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72253
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 31 Mar 2023 06:39:44 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 98ms
23ms Stylesheet
text/css 2a02:26f0:480:e::210:f104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ukb0clv&ht=tk&f=139.173.175.5474.12729.12730.12731&a=14510703&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ukb0clv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f104 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:43 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 l
use.typekit.net/af/d45b9a/000000000000000077359577/30/ 33 KB
33 KB 55ms
14ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d45b9a/000000000000000077359577/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ukb0clv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ccaac2a8b85879c92bbd73e67512e8e8ab0e719ad0163193081ea6abb20031cc

Request headers

Referer: https://use.typekit.net/ukb0clv.css
Origin: https://secure.roomtoread.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
server: nginx
etag: "f806d2fcac6bea1cced8320378bba8659e3a95e8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33364

GET
H2 200 l
use.typekit.net/af/d92c7e/000000000000000077359ebf/30/ 23 KB
24 KB 54ms
14ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d92c7e/000000000000000077359ebf/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ukb0clv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a81513a1ff9a02dfa92e3f1552e02c47b17cca840c864af7b60ba5d669abe2fb

Request headers

Referer: https://use.typekit.net/ukb0clv.css
Origin: https://secure.roomtoread.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
server: nginx
etag: "d7d4c0cf91616feb83dfa9b7f795627cfb6d66e2"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24024

GET
DATA 200
OK truncated
/ 137 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e5214c739829c1d3977c85f5095e470fc6d1eb355d5cbfe47726ae471bc6ed1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK gift-aid.svg
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/ 14 KB
11 KB 20ms
20ms Image
image/svg+xml 23.35.236.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/gift-aid.svg?v=1623102093000
Requested by: Host: aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com
URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/styles.css?v=1651790186000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-213.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a506101629d3ca2e045779aa77a56893f7869bb95ce3d7f630df0f47658ed88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/2258/styles.css?v=1651790186000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 31 Mar 2023 06:39:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Jun 2021 21:41:34 GMT
ETag: 2319da8b7103e0ab156d46a7ebca54ff
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Timestamp: 1623102093.26317
Cache-Control: public, max-age=350
X-Object-Meta-Enid: 1623102093039
Accept-Ranges: bytes
Connection: keep-alive
X-Trans-Id: tx5e96f78fd14e4764a2e48-0064267e29iad3
Content-Length: 10645
Expires: Fri, 31 Mar 2023 06:45:34 GMT

GET
DATA 200
OK truncated
/ 414 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08090ed43b243ee6fb2197ca8bde64bc03f2137f2380ff4429b45f1f8a8d4e72

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 l
use.typekit.net/af/98e3f6/000000000000000077359562/30/ 33 KB
34 KB 22ms
20ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/98e3f6/000000000000000077359562/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ukb0clv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: af3b3037b84be1ef0f0dfafc75bd30480c05ac2ccda8bee8c9188308a8b81221

Request headers

Referer: https://use.typekit.net/ukb0clv.css
Origin: https://secure.roomtoread.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
server: nginx
etag: "27cd5d037b3d5bcc152de6c7fe0aa3098a381c24"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34148

GET
H2 200 l
use.typekit.net/af/56b0cd/00000000000000007735957d/30/ 34 KB
34 KB 13ms
13ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/56b0cd/00000000000000007735957d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ukb0clv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3be30c09a4c2a44586ae9710ad7c61e5b9e57ba9d24935ad3e6f61aca28b9b06

Request headers

Referer: https://use.typekit.net/ukb0clv.css
Origin: https://secure.roomtoread.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
server: nginx
etag: "efd2a4eb0e71949802f825497dfc78423b4eaac3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34328

GET
H2 200 pagedata Show response
secure.roomtoread.org/page/119893/donate/1/ 189 B
491 B 127ms
126ms XHR
application/json 2606:4700::6812:1084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.roomtoread.org/page/119893/donate/1/pagedata

Requested by

Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/pageassets/js/enPage.js?v=4.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1084 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2b43e1b92a4acb8e2377a1ab26e62b279b5cf960eaffcc592729214ce189ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/javascript
Referer: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b0698cffe0a90ec-FRA
content-type: application/json

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
875 B 48ms
19ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/pageassets/js/enPage.js?v=4.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6fb1a2354c8e7d03fb4abe84b5f9ae45cd206c98f752c379dbb5f5623bbd444d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
x-xss-protection: 1; mode=block
expires: Fri, 31 Mar 2023 06:39:44 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 1B13 200 B
1 KB 9ms
9ms Document
text/html 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.roomtoread.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1009
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 31 Mar 2023 06:22:55 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Tue, 28 Mar 2023 20:14:59 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-id: rK5SKgHk02Hy7u9LUzIp41fMCCliWI_QyTrBnPNbhi5hy-bEpRuYDw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 me Show response
geoip-js.com/geoip/v2.1/country/ 757 B
957 B 52ms
35ms XHR
application/vnd.maxmind.com-country+json 2606:4700::6812:1344
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geoip-js.com/geoip/v2.1/country/me?referrer=https%3A%2F%2Fsecure.roomtoread.org

Requested by

Host: geoip-js.com
URL: https://geoip-js.com/js/apis/geoip2/v2.1/geoip2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1344 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48ee3a1efa594fd7c4b08426e5a5bab9748c079dfe96ebc8ddf0b2cd0accfc85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/vnd.maxmind.com-country+json; charset=UTF-8; version=2.1
access-control-allow-origin: *
cf-ray: 7b0698d188a83a85-FRA
content-length: 757

GET
DATA 200
OK truncated
/ 414 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b06adcbb68915f79b5dda70b3779e49fd0e5f4abfee8f9c5969bc08184f98fd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H2 200 csp-report
q.stripe.com/ Frame 1B13 0
640 B 526ms
167ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 31 Mar 2023 06:39:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680244785380914
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1B13 0
640 B 526ms
167ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 31 Mar 2023 06:39:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680244785380934
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1B13 631 B
1 KB 8ms
8ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 31 Mar 2023 06:34:28 GMT
x-content-type-options: nosniff
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 319
x-cache: Hit from cloudfront
content-length: 631
last-modified: Tue, 28 Mar 2023 17:00:57 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: gPcHtB1lZjr4rpl-2S15-OI36ZEYT9M6EQNLJW8bfpx0CAy_uRYmrQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBFNT8M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 31 Mar 2023 06:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2073
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 31 Mar 2023 08:05:11 GMT

GET
H2 200 hotjar-1201086.js Show response
static.hotjar.com/c/ 9 KB
4 KB 37ms
7ms Script
application/javascript 18.66.147.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1201086.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBFNT8M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-122.fra60.r.cloudfront.net

Software

Resource Hash

7b96a3f6db6584336386a521297fb4158e87f3d8cfeb8ff2c6947f1ecac2f2f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 47
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/6f7898de13c244965903ea7bf93fa1f2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: 0YjmzJpsPSNSxVGnq6PUU3DhoiVwAd-w-0jpe13mrb19xmiEp4D1tg==

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 57ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBFNT8M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 31 Mar 2023 06:39:44 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CC0E339A14AF4AB9A90FA461FF04A845 Ref B: FRAEDGE1510 Ref C: 2023-03-31T06:39:44Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 27ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 31 Mar 2023 06:39:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: nC0soEL7VzPmoJ1GAswUFoIDRng0dlrsyId7mnKwvvwD4NXG2Jr1oVPMIM+W5KokOC9dFhPQg2AYzxYim06DUQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 get-loader.js Show response
loader.wisepops.com/ 74 KB
23 KB 43ms
26ms Script
text/javascript 2606:4700:20::ac43:4adc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loader.wisepops.com/get-loader.js?v=1&site=9AdcodRCpy
Requested by: Host: secure.roomtoread.org
URL: https://secure.roomtoread.org/page/119893/donate/1?ea.tracking.id=2023_March_Email_Newsletter_Donation_Page&utm_source=March_2023_Newsletter&utm_medium=email&utm_campaign=Newsletter&utm_content=Donation_Page_Footer&utm_term=Donor_And_Lead&ea.url.id=6330934
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4adc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f4324a59ca2ba79fe82aef167948774e058e8558ae27a7082b5d6680bf975e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 31 Mar 2023 06:31:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 524
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bJIT8FapW94ETSPt4gVYRcguTk2u0BRw%2B3p7D61U6pbacenS%2FeNBsflgythwMBrAzF05KyG5NTHs974W5o4APD3ZFTpI7zxL%2FeN3TiWCY5fOdTu7rbupuUdgXCR%2FvwPjjjvrCX%2B8gtgzZ86R3nNja8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
x-cloud-trace-context: 612112ddc5ceec26637700abdcdcb7e0
cache-control: private, max-age=1800
cf-ray: 7b0698d218032c4d-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/ 409 KB
165 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d3f75dcb2320ed386f2dcb0ef91e545558ded6c268cda18015869cb59658d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.roomtoread.org/
Origin: https://secure.roomtoread.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167834
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 22:52:10 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 822A 930 B
1 KB 49ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 233
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 31 Mar 2023 06:39:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 139
x-content-type-options: nosniff
x-request-id: 2ae90e28-da89-4c5a-866e-80ed943ebdec
x-served-by: cache-fra-eddf8230077-FRA
x-timer: S1680244785.011235,VS0,VE0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=710720803&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.roomtoread.org%2Fpage%2F119893%2Fdonate%2F1%3Fea.tracking.id%3D2023_March_Email_Newsletter_Donation_Page%26utm_source%3DMarch_2023_Newsletter%26utm_medium%3Demail%26utm_campaign%3DNewsletter%26utm_content%3DDonation_Page_Footer%26utm_term%3DDonor_And_Lead%26ea.url.id%3D6330934&ul=en-us&de=UTF-8&dt=Make%20a%20donation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=176447126&gjid=1786960788&cid=1518634843.1680244785&tid=UA-1569382-1&_gid=1635531515.1680244785&_r=1&_slc=1&gtm=45He33t0n81TBFNT8M&z=709498257

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.roomtoread.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 31 Mar 2023 06:39:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.roomtoread.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 857380530974544 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 13ms
13ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/857380530974544?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bb295750ac1c92c2dd6456090bc11d452926a5b21c93369b7d88f1065535dc59

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 31 Mar 2023 06:39:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110478
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: LRbE+HHxtzDvfWKI13l3gyZgBbQeEqzex/cxJqmJPvZZbHaY9U/PoglBhYfS9i90WBSyNIbGwmR5UrjiXNwgfQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.76304821fe35d593f0f4.js Show response
script.hotjar.com/ 264 KB
68 KB 32ms
7ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.76304821fe35d593f0f4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1201086.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

2b2f8884f06e588675848471606a49693553a2d032a32fce85a5203ae7c796a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 07:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 81818
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68985
last-modified: Thu, 30 Mar 2023 07:56:01 GMT
etag: "fa9caf97b169b97f64425fac5776898a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 3UVpiWA3VnmlH1Koe8PBROUqI7DUnG0geurMjL4Sfq50n1cup7doyQ==

POST
H2 200 my-wisepop Show response
popup.wisepops.com/ 346 B
808 B 190ms
172ms XHR
application/json 2606:4700:20::681a:a13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://popup.wisepops.com/my-wisepop
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=9AdcodRCpy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbea01b87f3b129ce2c2d3be1d491d552f9ad136c813fe45a1c1f16a3859b53d

Request headers

Accept: application/json
Referer: https://secure.roomtoread.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 31 Mar 2023 06:39:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST, GET
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urFPQrzW0YcKe9RTNYz8Wq%2FV%2FXzKxK7p8y0hVfwpItwUtrA48RCAz5HMIyJ%2FNTGpkfZXBTi9NvhqtSyt75Xmobz7df1LgJEPNm6xOoueX7oC%2FEDACgl8aNvCSkwCqc7u9hNF9eW0HljMvr3XyECZzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-cloud-trace-context: a24db3eefde3b15f103e1e92d9b04678
cache-control: no-store
cf-ray: 7b0698d28b5d39df-FRA
access-control-allow-headers: *

POST
H2 200 / Show response
activity.wisepops.com/ 0
268 B 120ms
119ms XHR
text/plain 2606:4700:20::ac43:4adc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activity.wisepops.com/?v=1.4.2&site=9AdcodRCpy
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=9AdcodRCpy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4adc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.roomtoread.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 31 Mar 2023 06:39:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TZ3xtajQYv6GRtAycFhxKURD5bXc%2B5M4in3zkcRyc49pWgmGVi7sVkCYqlPeV1BlpNNuHqetn6esoRmKTtwtXR3dHgi%2BuhhTwDkMWOjqXxwLajtO50O3ts1ie5zOjCpdBXuuV0ONUQo5NybHERphq2K%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7b0698d34b9c68e9-FRA
content-length: 0

OPTIONS
H2 200 /
activity.wisepops.com/ Frame 0
0 129ms
112ms Preflight 2606:4700:20::ac43:4adc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activity.wisepops.com/?v=1.4.2&site=9AdcodRCpy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4adc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.roomtoread.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cf-cache-status: DYNAMIC
cf-ray: 7b0698d28add68e9-FRA
content-length: 0
date: Fri, 31 Mar 2023 06:39:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRP%2Fd0Ny1sCw2hRow9pE6lHVeVfSVA11eIwMiwftJ%2FABgcp6yiqSprMfUTyz6%2BHda33%2F3QJOBE%2BQcFxDK%2FGXOREG1k4%2F4ykVSH%2FhPBN1PJ7exbb5jagWDnQndIhMEwzUGriCN45cVXGH%2F%2FHpuT2ib3VK3A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1569382-1&cid=1518634843.1680244785&jid=176447126&gjid=1786960788&_gid=1635531515.1680244785&_u=YEBAAEAAAAAAACAAI~&z=351701226

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.roomtoread.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 31 Mar 2023 06:39:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.roomtoread.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 822A 0
415 B 428ms
166ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Fri, 31 Mar 2023 06:39:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-client-envoy-start-time-us: 1680244785380940
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 822A 86 KB
16 KB 6ms
6ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 31 Mar 2023 06:39:45 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 90
x-cache: HIT
content-length: 16031
x-request-id: 883fa673-a17a-43bf-91e9-386ef7ce68a2
x-served-by: cache-fra-eddf8230077-FRA
server: Fastly
x-timer: S1680244785.040563,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 55

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6F83 49 KB
27 KB 30ms
29ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H&co=aHR0cHM6Ly9zZWN1cmUucm9vbXRvcmVhZC5vcmc6NDQz&hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&size=normal&cb=nh3221607i7m

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

38ba7fb0238a884974d94cb3241b6e6526aae39c94ca9f3c68a3b93d82e15782

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TQ6xZeNhHf8MfDdjyYs40A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.roomtoread.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27255
content-security-policy: script-src 'report-sample' 'nonce-TQ6xZeNhHf8MfDdjyYs40A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 31 Mar 2023 06:39:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 259000882.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 114ms
114ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/259000882.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

2e8c12b4a63eeb2339fd9f64119228833d41044f4bbd7ee602035636e2e73e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 31 Mar 2023 06:39:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4BB6FC571884446295A1434EF4D8C02E Ref B: FRAEDGE1510 Ref C: 2023-03-31T06:39:45Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60
content-length: 1497

GET
H2 204 0
bat.bing.com/action/ 0
286 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=259000882&tm=gtm002&Ver=2&mid=2e9699b9-3125-4bc0-9061-ecdbdbe3198f&sid=d30657f0cf8e11eda2c215cb1e3112a5&vid=d3068540cf8e11ed8feeb33165432282&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Make%20a%20donation&p=https%3A%2F%2Fsecure.roomtoread.org%2Fpage%2F119893%2Fdonate%2F1%3Fea.tracking.id%3D2023_March_Email_Newsletter_Donation_Page%26utm_source%3DMarch_2023_Newsletter%26utm_medium%3Demail%26utm_campaign%3DNewsletter%26utm_content%3DDonation_Page_Footer%26utm_term%3DDonor_And_Lead%26ea.url.id%3D6330934&r=&lt=2372&evt=pageLoad&sv=1&rn=707864

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 31 Mar 2023 06:39:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6D0644E9EDB742D9AFD9198ED03699C1 Ref B: FRAEDGE1510 Ref C: 2023-03-31T06:39:45Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2244120112491555 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2244120112491555?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b073b0d5a9c87c34b3a865e8ab7cb72af8cad1ab5e54843928ff8a14d155cdbc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 31 Mar 2023 06:39:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110240
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 7roysD4kcUI98yHIm1KiKKthabgKug3TQ91GdLSXaLsSoRA+/Fx+o2GifhT0coeTgsKdIMIl+cfL31Vi/EJRjQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 37ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=857380530974544&ev=PageView&dl=https%3A%2F%2Fsecure.roomtoread.org%2Fpage%2F119893%2Fdonate%2F1%3Fea.tracking.id%3D2023_March_Email_Newsletter_Donation_Page%26utm_source%3DMarch_2023_Newsletter%26utm_medium%3Demail%26utm_campaign%3DNewsletter%26utm_content%3DDonation_Page_Footer%26utm_term%3DDonor_And_Lead%26ea.url.id%3D6330934&rl=&if=false&ts=1680244785119&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680244785118.1303373223&it=1680244785009&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 31 Mar 2023 06:39:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 19ms
19ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1569382-1&cid=1518634843.1680244785&jid=176447126&_u=YEBAAEAAAAAAACAAI~&z=1156970612

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Mar 2023 06:39:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 40ms
18ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1569382-1&cid=1518634843.1680244785&jid=176447126&_u=YEBAAEAAAAAAACAAI~&z=1156970612

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Mar 2023 06:39:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/ Frame 6F83 55 KB
24 KB 24ms
10ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H&co=aHR0cHM6Ly9zZWN1cmUucm9vbXRvcmVhZC5vcmc6NDQz&hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&size=normal&cb=nh3221607i7m

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 22:18:00 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/ Frame 6F83 409 KB
164 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d3f75dcb2320ed386f2dcb0ef91e545558ded6c268cda18015869cb59658d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167834
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 22:52:10 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1201086/ 148 B
323 B 127ms
38ms XHR
application/json 99.81.23.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1201086/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.76304821fe35d593f0f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 99.81.23.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-23-58.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a6aac8e9a67e2442b43e625709a99abeb6ab0148e94dd788cee106f2710c3906

Request headers

Referer: https://secure.roomtoread.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 31 Mar 2023 06:39:45 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 6 Show response
m.stripe.com/ Frame 822A 156 B
669 B 525ms
172ms XHR
application/json 54.187.57.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.57.130 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-57-130.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

09a54a8de3384f7828cdad4cc48abcdd5b26c1854ffb53c725eeae3839366866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 31 Mar 2023 06:39:45 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680244785676723
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1680244785676230
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 187809015351984 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/187809015351984?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

69633664c0a907bd1e4bc8f535a462481d18d6a9461abe4566dff3780735e10d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 31 Mar 2023 06:39:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110247
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ErduXPOWWKjxIkA3Cwu3rs4b/pB2lMkrd24OITFYGQSdhZIfnd44FlTDaxAler1nN1KCF5ys85FdhPzyYmHodg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
6ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2244120112491555&ev=PageView&dl=https%3A%2F%2Fsecure.roomtoread.org%2Fpage%2F119893%2Fdonate%2F1%3Fea.tracking.id%3D2023_March_Email_Newsletter_Donation_Page%26utm_source%3DMarch_2023_Newsletter%26utm_medium%3Demail%26utm_campaign%3DNewsletter%26utm_content%3DDonation_Page_Footer%26utm_term%3DDonor_And_Lead%26ea.url.id%3D6330934&rl=&if=false&ts=1680244785242&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1680244785118.1303373223&it=1680244785009&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 31 Mar 2023 06:39:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 259000882 Show response
www.clarity.ms/tag/uet/ 991 B
1 KB 150ms
99ms Script
application/x-javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/259000882
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/259000882.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8511d0aa9742155e79e139b9d2e726b03930d176e746ca4fc4de85e96cc793a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: application/x-javascript
date: Fri, 31 Mar 2023 06:39:45 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0MYAmZAAAAACTg9uUZyRwR6Mw2qS4JofzRlJBMzFFREdFMDMxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
DATA 200
OK truncated
/ Frame 6F83 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6F83 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6F83 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
age: 131674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 05 Apr 2023 18:05:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6F83 15 KB
16 KB 27ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:08 GMT
x-content-type-options: nosniff
age: 245317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:08 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6F83 102 B
134 B 18ms
16ms Other
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

18fcc06e8e158f0b20df57e5966474ba5ee428da943b5e27417d7e2bdde6058f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H&co=aHR0cHM6Ly9zZWN1cmUucm9vbXRvcmVhZC5vcmc6NDQz&hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&size=normal&cb=nh3221607i7m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 31 Mar 2023 06:39:45 GMT

GET
H3 200 173646130202502 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/173646130202502?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d2c2aeab5adb8d1948ea698f9130f9a252c33e23eabecce92549694701902587

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 31 Mar 2023 06:39:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110242
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: x5C/XkCTe1yRckuDrn272fV3tF3QwU0bL9TyDc04NTmffv7awfXw5OP2cHC+07v3hJp5rDSRa/vQBOOC5Djs3g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 7ms
6ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=187809015351984&ev=PageView&dl=https%3A%2F%2Fsecure.roomtoread.org%2Fpage%2F119893%2Fdonate%2F1%3Fea.tracking.id%3D2023_March_Email_Newsletter_Donation_Page%26utm_source%3DMarch_2023_Newsletter%26utm_medium%3Demail%26utm_campaign%3DNewsletter%26utm_content%3DDonation_Page_Footer%26utm_term%3DDonor_And_Lead%26ea.url.id%3D6330934&rl=&if=false&ts=1680244785297&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1680244785118.1303373223&it=1680244785009&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 31 Mar 2023 06:39:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=173646130202502&ev=PageView&dl=https%3A%2F%2Fsecure.roomtoread.org%2Fpage%2F119893%2Fdonate%2F1%3Fea.tracking.id%3D2023_March_Email_Newsletter_Donation_Page%26utm_source%3DMarch_2023_Newsletter%26utm_medium%3Demail%26utm_campaign%3DNewsletter%26utm_content%3DDonation_Page_Footer%26utm_term%3DDonor_And_Lead%26ea.url.id%3D6330934&rl=&if=false&ts=1680244785378&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1680244785118.1303373223&it=1680244785009&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 31 Mar 2023 06:39:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame F926 7 KB
1 KB 19ms
19ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b70642cc5e2b4fa87ed28ffc9ebd9928d474d6b57206498c3d3ffaf7f31565a4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-So1UIBjlLsyoNzHSpbMZwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.roomtoread.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1119
content-security-policy: script-src 'report-sample' 'nonce-So1UIBjlLsyoNzHSpbMZwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 31 Mar 2023 06:39:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 clarity.js Show response
www.clarity.ms/eus/s/0.7.6/ 56 KB
19 KB 10ms
9ms Script
application/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus/s/0.7.6/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/259000882
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:45 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-azure-ref-originshield: 00H0lZAAAAADIjIDRdd7fTJJh4VZPh0N/RlJBMjMxMDUwNDE4MDUzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d9629e1c1a468a"
x-azure-ref: 0MYAmZAAAAADkhuYoczK9SJzJVN1qj8bFRlJBMzFFREdFMDMxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/ Frame F926 55 KB
24 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 22:18:00 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/ Frame F926 409 KB
164 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d3f75dcb2320ed386f2dcb0ef91e545558ded6c268cda18015869cb59658d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167834
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 22:52:10 GMT

GET
H2 200 plugin_settings Show response
doublethedonation.com/api/v1/ 824 B
548 B 279ms
94ms XHR
application/json 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://doublethedonation.com/api/v1/plugin_settings?customer_id=IcCsiSczyCd5Mp3T

Requested by

Host: doublethedonation.com
URL: https://doublethedonation.com/api/js/ddplugin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

635eb66436e04f93d889c63b8e3108f52866ae0e536ad42a3a8671b841318310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx
x-frame-options: sameorigin
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json;charset=utf-8
access-control-allow-credentials: true

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=84710BDC2CCD4647902C4A004E7DE2CD&RedC=c.clarity.ms&MXFR=0AF2004E42A664F001A312AB46A66A1B
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=84710BDC2CCD4647902C4A004E7DE2CD&MUID=38D16D3800EB62B33F107FDD01806369

42 B
443 B

27ms
27ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=84710BDC2CCD4647902C4A004E7DE2CD&MUID=38D16D3800EB62B33F107FDD01806369
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Mar 2023 06:39:45 GMT
last-modified: Thu, 16 Mar 2023 17:16:22 GMT
server: Microsoft-IIS/10.0
etag: "c4b6d572b58d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 31 Mar 2023 06:39:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 81E357B0451F4AC9846F0788EA6E9C12 Ref B: FRAEDGE1510 Ref C: 2023-03-31T06:39:45Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=84710BDC2CCD4647902C4A004E7DE2CD&MUID=38D16D3800EB62B33F107FDD01806369
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=710720803&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.roomtoread.org%2Fpage%2F119893%2Fdonate%2F1%3Fea.tracking.id%3D2023_March_Email_Newsletter_Donation_Page%26utm_source%3DMarch_2023_Newsletter%26utm_medium%3Demail%26utm_campaign%3DNewsletter%26utm_content%3DDonation_Page_Footer%26utm_term%3DDonor_And_Lead%26ea.url.id%3D6330934&ul=en-us&de=UTF-8&dt=Make%20a%20donation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Engagement&ea=Scroll&el=25%25&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1518634843.1680244785&tid=UA-1569382-1&_gid=1635531515.1680244785&gtm=45He33t0n81TBFNT8M&z=252346462

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45274
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
d.clarity.ms/ 0
301 B 295ms
95ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://secure.roomtoread.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://secure.roomtoread.org
Date: Fri, 31 Mar 2023 06:39:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=857380530974544&ev=Microdata&dl=https%3A%2F%2Fsecure.roomtoread.org%2Fpage%2F119893%2Fdonate%2F1%3Fea.tracking.id%3D2023_March_Email_Newsletter_Donation_Page%26utm_source%3DMarch_2023_Newsletter%26utm_medium%3Demail%26utm_campaign%3DNewsletter%26utm_content%3DDonation_Page_Footer%26utm_term%3DDonor_And_Lead%26ea.url.id%3D6330934&rl=&if=false&ts=1680244785621&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Make%20a%20donation%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsecure.roomtoread.org%2Fpage%2F119893%2Fdonate%2F1%3Flocale%3Den-US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680244785118.1303373223&it=1680244785009&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 31 Mar 2023 06:39:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H/1.1 204
No Content collect Show response
d.clarity.ms/ 0
301 B 374ms
189ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://secure.roomtoread.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://secure.roomtoread.org
Date: Fri, 31 Mar 2023 06:39:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2244120112491555&ev=Microdata&dl=https%3A%2F%2Fsecure.roomtoread.org%2Fpage%2F119893%2Fdonate%2F1%3Fea.tracking.id%3D2023_March_Email_Newsletter_Donation_Page%26utm_source%3DMarch_2023_Newsletter%26utm_medium%3Demail%26utm_campaign%3DNewsletter%26utm_content%3DDonation_Page_Footer%26utm_term%3DDonor_And_Lead%26ea.url.id%3D6330934&rl=&if=false&ts=1680244785747&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Make%20a%20donation%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsecure.roomtoread.org%2Fpage%2F119893%2Fdonate%2F1%3Flocale%3Den-US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1680244785118.1303373223&it=1680244785009&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 31 Mar 2023 06:39:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=187809015351984&ev=Microdata&dl=https%3A%2F%2Fsecure.roomtoread.org%2Fpage%2F119893%2Fdonate%2F1%3Fea.tracking.id%3D2023_March_Email_Newsletter_Donation_Page%26utm_source%3DMarch_2023_Newsletter%26utm_medium%3Demail%26utm_campaign%3DNewsletter%26utm_content%3DDonation_Page_Footer%26utm_term%3DDonor_And_Lead%26ea.url.id%3D6330934&rl=&if=false&ts=1680244785799&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Make%20a%20donation%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsecure.roomtoread.org%2Fpage%2F119893%2Fdonate%2F1%3Flocale%3Den-US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1680244785118.1303373223&it=1680244785009&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 31 Mar 2023 06:39:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
6ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=173646130202502&ev=Microdata&dl=https%3A%2F%2Fsecure.roomtoread.org%2Fpage%2F119893%2Fdonate%2F1%3Fea.tracking.id%3D2023_March_Email_Newsletter_Donation_Page%26utm_source%3DMarch_2023_Newsletter%26utm_medium%3Demail%26utm_campaign%3DNewsletter%26utm_content%3DDonation_Page_Footer%26utm_term%3DDonor_And_Lead%26ea.url.id%3D6330934&rl=&if=false&ts=1680244785879&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Make%20a%20donation%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsecure.roomtoread.org%2Fpage%2F119893%2Fdonate%2F1%3Flocale%3Den-US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1680244785118.1303373223&it=1680244785009&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.roomtoread.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 31 Mar 2023 06:39:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H/1.1 204
No Content collect Show response
d.clarity.ms/ 0
301 B 93ms
93ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://secure.roomtoread.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://secure.roomtoread.org
Date: Fri, 31 Mar 2023 06:39:47 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure.roomtoread.org/page/119893/donate	1969-12-31 23:59:59	Name: wisepops_activity_session Value: %7B%22id%22%3A%225e69c162-5bdf-484c-bfb0-4c1592b30332%22%2C%22start%22%3A1680244785028%7D
secure.roomtoread.org/page	1969-12-31 23:59:59	Name: JSESSIONID Value: oVt9G1Txy7JLLC5JgDOnnSRkj6sJ31z10eDh-Vxy.cac1-prd-web2
.roomtoread.org/page	1970-01-20 10:44:08	Name: en_sessionId Value: 3edabacc214143dbb43541e1fa3300bb-cac1-prd-web2
ca.engagingnetworks.app/	1970-01-20 10:54:09	Name: AWSALB Value: wNbzErnr37NTsbrGSnYEoHaLSnoLsc8YJi8t0RxsBcIzw6umc6LqLxPqX5YqfhBC7z7opsZUXeXtrCvmAoCos3BvaDzc385sqEuufR3KPiFQH8dzLWGboYBKOK83
ca.engagingnetworks.app/	1970-01-20 10:54:09	Name: AWSALBCORS Value: wNbzErnr37NTsbrGSnYEoHaLSnoLsc8YJi8t0RxsBcIzw6umc6LqLxPqX5YqfhBC7z7opsZUXeXtrCvmAoCos3BvaDzc385sqEuufR3KPiFQH8dzLWGboYBKOK83
secure.roomtoread.org/	1970-01-20 10:54:09	Name: AWSALB Value: b/pDPLzsnld+2Cq98sAYSd4dNoYrfjjSzBRlEipikVlmeZnLqyb/QCKUHECSQEJL+iwSjZixtKM3aVufKzMIo+TRD64khu6wVTAKYdDns5+yLNjE6DRr/eJ6hpU8
secure.roomtoread.org/	1970-01-20 10:54:09	Name: AWSALBCORS Value: b/pDPLzsnld+2Cq98sAYSd4dNoYrfjjSzBRlEipikVlmeZnLqyb/QCKUHECSQEJL+iwSjZixtKM3aVufKzMIo+TRD64khu6wVTAKYdDns5+yLNjE6DRr/eJ6hpU8
.roomtoread.org/	1970-01-20 20:20:04	Name: _ga Value: GA1.2.1518634843.1680244785
.roomtoread.org/	1970-01-20 10:45:31	Name: _gid Value: GA1.2.1635531515.1680244785
.roomtoread.org/	1970-01-20 10:44:04	Name: _gat_UA-1569382-1 Value: 1
.roomtoread.org/	1970-01-20 20:20:04	Name: wisepops Value: %7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A1%2C%22ucrn%22%3A90%2C%22cid%22%3A%2247460%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D
.roomtoread.org/	1970-01-20 20:20:04	Name: wisepops_visits Value: %5B%222023-03-31T06%3A39%3A44.959Z%22%5D
.roomtoread.org/	1969-12-31 23:59:59	Name: wisepops_session Value: %7B%22arrivalOnSite%22%3A%222023-03-31T06%3A39%3A44.959Z%22%2C%22mtime%22%3A1680244785021%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%22source%22%3A%22March_2023_Newsletter%22%2C%22medium%22%3A%22email%22%2C%22campaign%22%3A%22Newsletter%22%2C%22term%22%3A%22Donor_And_Lead%22%2C%22content%22%3A%22Donation_Page_Footer%22%7D%2C%22testIp%22%3Anull%7D
.roomtoread.org/	1970-01-20 10:45:31	Name: _uetsid Value: d30657f0cf8e11eda2c215cb1e3112a5
.roomtoread.org/	1970-01-20 20:05:40	Name: _uetvid Value: d3068540cf8e11ed8feeb33165432282
.roomtoread.org/	1970-01-20 12:53:40	Name: _fbp Value: fb.1.1680244785118.1303373223
.bing.com/	1970-01-20 20:05:40	Name: MUID Value: 38D16D3800EB62B33F107FDD01806369
.roomtoread.org/	1970-01-20 19:29:40	Name: _hjSessionUser_1201086 Value: eyJpZCI6IjE5ODMzYmRjLTBkYjQtNWZjMi04Nzk0LTA3MWFjMzBkNzA3YSIsImNyZWF0ZWQiOjE2ODAyNDQ3ODUyMDIsImV4aXN0aW5nIjpmYWxzZX0=
.roomtoread.org/	1970-01-20 10:44:06	Name: _hjFirstSeen Value: 1
.roomtoread.org/	1970-01-20 10:44:04	Name: _hjIncludedInSessionSample_1201086 Value: 0
.roomtoread.org/	1970-01-20 10:44:06	Name: _hjSession_1201086 Value: eyJpZCI6ImJlNmM5MDBmLTc4NWYtNGRkMy1iOWNjLTRiMmQwYTc4MmM3MCIsImNyZWF0ZWQiOjE2ODAyNDQ3ODUyMTAsImluU2FtcGxlIjpmYWxzZX0=
secure.roomtoread.org/	1970-01-20 10:44:04	Name: _hjIncludedInPageviewSample Value: 1
.roomtoread.org/	1970-01-20 10:44:06	Name: _hjAbsoluteSessionInProgress Value: 0
www.clarity.ms/	1970-01-20 19:29:40	Name: CLID Value: 1cea43fa78194452b429a78a43a5a603.20230331.20240330
.roomtoread.org/	1970-01-20 19:29:40	Name: _clck Value: 1shnt8m\|1\|fad\|0
.c.bing.com/	1970-01-20 10:54:09	Name: MR Value: 0
.c.bing.com/	1970-01-20 20:05:40	Name: SRM_B Value: 38D16D3800EB62B33F107FDD01806369
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 20:05:40	Name: MUID Value: 38D16D3800EB62B33F107FDD01806369
.c.clarity.ms/	1970-01-20 10:54:09	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 10:44:05	Name: ANONCHK Value: 0
m.stripe.com/	1970-01-20 20:20:04	Name: m Value: 4379afaf-8a71-4865-be26-e193e0bebdcc067259
.secure.roomtoread.org/	1970-01-20 19:29:40	Name: __stripe_mid Value: b4f54bc2-f926-4ff9-ab71-b6bbbb2b51df2ffbc4
.secure.roomtoread.org/	1970-01-20 10:44:06	Name: __stripe_sid Value: 63b8b3ab-0859-48fa-8715-99722dfe7d68194cd8
.roomtoread.org/	1970-01-20 10:45:31	Name: _clsk Value: 9kearj\|1680244785820\|1\|1\|d.clarity.ms/collect

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com
activity.wisepops.com
air-prod.imgix.net
bat.bing.com
c.bing.com
c.clarity.ms
ca.engagingnetworks.app
cdn.plaid.com
code.jquery.com
connect.facebook.net
d.clarity.ms
doublethedonation.com
fonts.googleapis.com
fonts.gstatic.com
geoip-js.com
in.hotjar.com
js.stripe.com
loader.wisepops.com
m.stripe.com
m.stripe.network
p.typekit.net
polyfill.io
popup.wisepops.com
q.stripe.com
script.hotjar.com
secure.roomtoread.org
static.hotjar.com
stats.g.doubleclick.net
use.typekit.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
13.32.121.78
151.101.64.176
18.66.147.122
2001:4de0:ac18::1:a:2b
23.35.236.213
23.96.109.67
2606:4700:20::681a:a13
2606:4700:20::ac43:4adc
2606:4700::6812:1084
2606:4700::6812:1344
2620:1ec:4e:1::45
2620:1ec:c11::200
2a00:1450:4001:80b::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9c
2a02:26f0:3500:16::215:148f
2a02:26f0:480:e::210:f104
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::282
2a04:4e42:8d::720
40.76.174.66
52.222.236.74
54.186.23.98
54.187.57.130
68.219.88.97
99.81.23.58
99.86.4.9
047298ce9e9b965f753723f866c9a032527dd7f1a8564611c4218b6ec6dd6e73
08090ed43b243ee6fb2197ca8bde64bc03f2137f2380ff4429b45f1f8a8d4e72
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
09a54a8de3384f7828cdad4cc48abcdd5b26c1854ffb53c725eeae3839366866
0d411b517e925d6371f5823697936a16272e7a2a232dc7b4d9c089a10b47d564
0f4324a59ca2ba79fe82aef167948774e058e8558ae27a7082b5d6680bf975e7
1050d345a30f04c2e73107102484570ac4f59903263329b2767810f0f009c00b
15f86a05fd5a37445fc69672e9a3c3b693d1cbec3c0be3f7fd27c0f91be42b06
18fcc06e8e158f0b20df57e5966474ba5ee428da943b5e27417d7e2bdde6058f
1a4bd5daee74a89ef2432a924d2821bc0079153b8e8448b9935fcf54d6bfc60f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2607a185d61b6f7c82a33121597996e0afed7fee984c437e911ee43983944812
2b2f8884f06e588675848471606a49693553a2d032a32fce85a5203ae7c796a6
2ce17583e0e2a19cb10b03ed86513f56ecbbd10c27f31ef48e07bf4cf9907c2a
2e8c12b4a63eeb2339fd9f64119228833d41044f4bbd7ee602035636e2e73e48
38ba7fb0238a884974d94cb3241b6e6526aae39c94ca9f3c68a3b93d82e15782
3be30c09a4c2a44586ae9710ad7c61e5b9e57ba9d24935ad3e6f61aca28b9b06
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4301d8480f9d65b17e3d218e8ad8e074326a1bc742778f05186f400cd5c7eb60
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
48ee3a1efa594fd7c4b08426e5a5bab9748c079dfe96ebc8ddf0b2cd0accfc85
4b46163256e18d1e0ff5e2c7b58be5562fe5d7f20119b6fb9923e876aa79c082
4e5214c739829c1d3977c85f5095e470fc6d1eb355d5cbfe47726ae471bc6ed1
515743f383ac6798cfa240140eae4220989c11ec84d0d3ea574bae4783ea9655
534283175e2f5d20d04445cb9755365628ff832cdb2305a38261535e182c683f
57b1c40c4f171e27065e0c8bf7aa2c608bca640d7875da00449233301e0eb042
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
618cc8cab1b922a9b205636c663772b89dd8044cd6f354ad17c47e9d6053a5ec
635eb66436e04f93d889c63b8e3108f52866ae0e536ad42a3a8671b841318310
66eeb39614b226a48bcedbdd1a391113f23279e9b19f52359d7327ea6fa6b35c
69633664c0a907bd1e4bc8f535a462481d18d6a9461abe4566dff3780735e10d
6a506101629d3ca2e045779aa77a56893f7869bb95ce3d7f630df0f47658ed88
6e715867b765ec2e09cc3d038600ae8ee3bfba3a51fa6354b5d47863ae6c5108
6faa7bfc51037e5326bec668b5c5b79b3540c6a81dd0bab768b12a53562a8d4f
6fb1a2354c8e7d03fb4abe84b5f9ae45cd206c98f752c379dbb5f5623bbd444d
7b96a3f6db6584336386a521297fb4158e87f3d8cfeb8ff2c6947f1ecac2f2f9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84860a93c01d56a42f17188fddd0dd6ae23b6c746e3f0fbfccdbd8dfc5f570eb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8511d0aa9742155e79e139b9d2e726b03930d176e746ca4fc4de85e96cc793a1
8c326e4c04a104fc5206b74659728ad6242acbe14eb175a8aef4f1c0fe5fdb15
90c1754146fc632ef8649ab3f4dd672430d5f9ba8cf0024c32885838f052ba36
94a96a4fc313fe6dfba290ed6bc0e802eaab40810e59032a06f6774553b1c6ae
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b06adcbb68915f79b5dda70b3779e49fd0e5f4abfee8f9c5969bc08184f98fd
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a3164c6a1238073e973cf4b7d73c539736de5933498279bb75a501dce944ff96
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a6aac8e9a67e2442b43e625709a99abeb6ab0148e94dd788cee106f2710c3906
a81513a1ff9a02dfa92e3f1552e02c47b17cca840c864af7b60ba5d669abe2fb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af3b3037b84be1ef0f0dfafc75bd30480c05ac2ccda8bee8c9188308a8b81221
b073b0d5a9c87c34b3a865e8ab7cb72af8cad1ab5e54843928ff8a14d155cdbc
b48962ce9d77e6d174f34d8678630dacdade1edf5d899c854da1736c41108599
b51c1cc9898cd208a346503410106cf705dc5c69ec7679e8c212dc466db09a2e
b6d3f75dcb2320ed386f2dcb0ef91e545558ded6c268cda18015869cb59658d9
b70642cc5e2b4fa87ed28ffc9ebd9928d474d6b57206498c3d3ffaf7f31565a4
b9fb91ae4922a081c07d18c91fd9309fd9976334d2ade10772833c6892dcc886
bb295750ac1c92c2dd6456090bc11d452926a5b21c93369b7d88f1065535dc59
c5c32268a63d52d9e204346e9ca3ae79145ad2faecb55a77d65367b748a63f71
cb42e9624cf43711e73a91ee15ce9ad4ab7c644245ec0ddd34d5d783189e3bc3
ccaac2a8b85879c92bbd73e67512e8e8ab0e719ad0163193081ea6abb20031cc
d2c2aeab5adb8d1948ea698f9130f9a252c33e23eabecce92549694701902587
d39f042a53072262e4adb9814f5bf5097c473d8258ebbbb5f38fdf79f657caf6
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
e31bf0a97e9d9f9ec38f7d3fbaceaa3c6456448229f9c362af0231e5df06b59d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f2b43e1b92a4acb8e2377a1ab26e62b279b5cf960eaffcc592729214ce189ff1
f311af03f38ee45a63e4cfee6f4f9cfc70ce1aa64d01d83d804c879db02f4efe
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f9edde1d29fe692e62cc52b86db8a13dc2c34d6d5f75e69b98d77a30a7326de3
fbea01b87f3b129ce2c2d3be1d491d552f9ad136c813fe45a1c1f16a3859b53d
fe63a0bc548ebb27d59fe1a01b00dc7dde7c5c108182c65c4ab62a4b0640797d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

secure.roomtoread.org Open in urlscan Pro 2606:4700::6812:1084 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

99 %HTTPS

64 %IPv6

26 Domains

37 Subdomains

34 IPs

5 Countries

4068 kBTransfer

8737 kBSize

35 Cookies

3 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.roomtoread.org Open in urlscan Pro
2606:4700::6812:1084 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

99 %
HTTPS

64 %
IPv6

26
Domains

37
Subdomains

34
IPs

5
Countries

4068 kB
Transfer

8737 kB
Size

35
Cookies

96 HTTP transactions
5 data transactions